Cisco VPN Client Dialer Local Privilege Escalation
Medium Nessus Plugin ID 25550
SynopsisThe remote windows host contains an application that is affected by a privilege escalation vulnerability.
DescriptionThe installed Cisco VPN Client version is prone to a privilege escalation attack. By using the 'Start before logon' feature in the VPN client dialer, a local attacker may gain privileges and execute arbitrary commands with SYSTEM privileges.
SolutionUpgrade to version 4.8.01.0300 or a later.