Cisco AnyConnect Secure Mobility Client < 4.4.02034 Local Privilege Escalation

Medium Nessus Plugin ID 100790


A VPN application installed on the remote host is affected by a privilege escalation vulnerability.


The version of Cisco AnyConnect Secure Mobility Client installed on the remote Windows host is prior to 4.4.02034. It is, therefore, affected by a local privilege escalation vulnerability due to improper validation of paths and filenames of dynamic-link library (DLL) files before they are loaded. A local attacker can exploit this, via a specially crafted DLL file, to escalate privileges and execute commands with SYSTEM level privileges.


Upgrade to Cisco AnyConnect Secure Mobility Client version 4.4.02034 or later.

See Also

Plugin Details

Severity: Medium

ID: 100790

File Name: cisco_anyconnect_CSCvc97928.nasl

Version: $Revision: 1.3 $

Type: local

Agent: windows

Family: Windows

Published: 2017/06/14

Modified: 2017/08/14

Dependencies: 54953

Risk Information

Risk Factor: Medium


Base Score: 6.9

Temporal Score: 5.7

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND


Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/a:cisco:anyconnect_secure_mobility_client

Required KB Items: installed_sw/Cisco AnyConnect Secure Mobility Client, SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2017/04/12

Vulnerability Publication Date: 2017/06/07

Reference Information

CVE: CVE-2017-6638

BID: 98938

OSVDB: 158678

CISCO-SA: cisco-sa-20170607-anyconnect


IAVA: 2017-A-0169