Cisco.AnyConnect.VPN.Client.Software.Security.Bypass
Description
This indicates an attack attempt to exploit a Security Bypass vulnerability in Cisco AnyConnect VPN client.
The vulnerability is due to a lack of validation when handling the vpndownloader.exe program. An attacker can exploit this by tricking an unsuspecting user into visiting a malicious webpage, allowing the attacker to downgrade the software to a previous version which is vulnerable to other exploits.
Affected Products
Cisco Systems AnyConnect Secure Mobility Client 2.x prior to 2.5.6005
Cisco Systems AnyConnect Secure Mobility Client 3.0.x prior to 3.0.08057
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Security Bypass: Remote attackers can bypass security checking of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |