Cisco AnyConnect Secure Mobility Client < 3.1.8009.0 / 4.0.x < 4.0.2052.0 / 4.1.x < Multiple Vulnerabilities

Medium Nessus Plugin ID 85266


The remote host is affected by multiple vulnerabilities.


The Cisco AnyConnect Secure Mobility Client installed on the remote host is a version prior to 3.1.8009.0, or is version 4.0.x prior to 4.0.2052.0, or version 4.1.x prior to It is, therefore, affected by the following vulnerabilities:

- A flaw exists because the input of IPC commands is not sanitized. A local attacker, using a specially crafted IPC command, can exploit this to write to arbitrary user space memory and execute code with escalated privileges.

- A path traversal flaw exists due to the Hostscan module not properly sanitizing user input in certain IPC commands. A local, authenticated attacker, using a specially crafted IPC command, can exploit this to traverse outside restricted paths and write or overwrite arbitrary files. (CVE-2015-0665)


Upgrade to Cisco AnyConnect Secure Mobility Client version 3.1.8009.0 / 4.0.2052.0 / or later

Plugin Details

Severity: Medium

ID: 85266

File Name: cisco_anyconnect_CSCus79173_CSCus79195.nasl

Version: $Revision: 1.3 $

Type: local

Agent: windows

Family: Windows

Published: 2015/08/07

Modified: 2017/04/27

Dependencies: 54953

Risk Information

Risk Factor: Medium


Base Score: 6.6

Temporal Score: 6.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:U/RC:C

Vulnerability Information

CPE: cpe:/a:cisco:anyconnect_secure_mobility_client

Required KB Items: installed_sw/Cisco AnyConnect Secure Mobility Client, SMB/Registry/Enumerated

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2015/05/08

Vulnerability Publication Date: 2015/03/14

Reference Information

CVE: CVE-2015-0664, CVE-2015-0665

BID: 73120

OSVDB: 119611, 119613

CISCO-BUG-ID: CSCus79173, CSCus79195