Cisco AnyConnect Secure Mobility Client 3.1.x < 4.3.4019.0 / 4.4.x < 4.4.225.0 Privilege Escalation

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

A VPN application installed on the remote host is affected by a
privilege escalation vulnerability.

Description :

The version of Cisco AnyConnect Secure Mobility Client installed on
the remote Windows host is 3.x or 4.x prior to 4.3.4019.0 or 4.4.x
prior to 4.4.225.0. It is, therefore, affected by a privilege
escalation vulnerability due to incorrect permissions of a system
directory at installation time. A local attacker can exploit this, by
creating a specially crafted interprocess communication (IPC) to the
virtual private network (VPN) agent process, to execute commands on
the host with elevated system level privileges.

See also :

http://www.nessus.org/u?5f8d0034
https://tools.cisco.com/bugsearch/bug/CSCvb68043

Solution :

Upgrade to Cisco AnyConnect Secure Mobility Client version 4.3.4019.0
/ 4.4.225.0 or later.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 5.3
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 95951 ()

Bugtraq ID: 94770

CVE ID: CVE-2016-9192

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now