Mac OS X : Cisco AnyConnect Secure Mobility Client 3.x < 3.1.10010.0 / 4.x < 4.1.4011.0 Arbitrary File Write

Medium Nessus Plugin ID 85542


The remote host is affected by an arbitrary file write vulnerability.


The Cisco AnyConnect Secure Mobility Client installed on the remote Mac OS X host is version 3.x prior to 3.1.10010.0 or 4.x prior to 4.1.4011.0. It is, therefore, affected by a flaw due to improper sanitization of user-supplied input. By convincing a user to connect to a malicious head-end system, an unauthenticated, remote attacker can exploit this issue to traverse outside a restricted path and thus write or overwrite arbitrary files in the active user's context.


Upgrade to Cisco AnyConnect Secure Mobility Client version 3.1.10010.0 / 4.1.4011.0 or later.

Plugin Details

Severity: Medium

ID: 85542

File Name: macosx_cisco_anyconnect_4_1_4011.nasl

Version: $Revision: 1.3 $

Type: local

Agent: macosx

Published: 2015/08/19

Modified: 2017/05/16

Dependencies: 59822

Risk Information

Risk Factor: Medium


Base Score: 4.3

Temporal Score: 3.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND

Vulnerability Information

CPE: cpe:/a:cisco:anyconnect_secure_mobility_client

Required KB Items: installed_sw/Cisco AnyConnect Secure Mobility Client, Host/MacOSX/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2015/07/30

Vulnerability Publication Date: 2015/07/30

Reference Information

CVE: CVE-2015-4289

BID: 76125

OSVDB: 125590