Cisco VPN Client cvpnd.exe Privilege Escalation
Medium Nessus Plugin ID 55568
SynopsisThe VPN client installed on the remote Windows host has a privilege escalation vulnerability.
DescriptionThe Cisco VPN client installed on the remote host has a privilege escalation vulnerability. cvpnd.exe, which is executed by the Cisco VPN Service, has insecure permissions. A local attacker could replace this file with arbitrary code, which would later be executed by the Cisco VPN Service, resulting in an elevation of privileges.
The following versions are vulnerable :
- 32-bit versions prior to 5.0.01.0600
- 64-bit version 5.0.7.0240
- 64-bit version 5.0.7.0290
SolutionUpgrade to Cisco VPN Client 32-bit version 5.0.01.0600 / 64-bit version 5.0.07.0440 or later. Cisco notes that the 32-bit MSI package contains the fix for this vulnerability, while the IS package does not.