漏洞类别:Local
漏洞等级: 
漏洞信息
Cisco AnyConnect is a VPN Client for multiple platforms.
A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account.
Affected Versions:
Cisco AnyConnect Secure Mobility before 4.2.05015 and 4.3.x before 4.3.02039
漏洞危害
On successful exploitation it allows local users to gain privileges via a crafted INF file.
解决方案
There are no solution that address this vulnerability. Workaround:
There are no workarounds that address this vulnerability.
0day
文章评论