{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2023-037.pdf"
    },
    "title": "High Severity Vulnerability in Cisco AnyConnect Client",
    "serial_number": "2023-037",
    "publish_date": "08-06-2023 09:58:59",
    "description": "On June 7, 2023, Cisco issued an advisory regarding a vulnerability affecting Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows that could allow a low-privileged, authenticated, local attacker to elevate privileges to those of \"SYSTEM\".<br>\nCERT-EU recommends updating the software.<br>\n",
    "url_title": "2023-037",
    "content_markdown": "---\ntitle: 'High Severity Vulnerability in Cisco AnyConnect Client'\nversion: '1.0'\nnumber: '2023-037'\noriginal_date: 'June 7, 2023'\ndate: 'June 8, 2023'\n---\n\n_History:_\n\n* _08/06/2023 --- v1.0 -- Initial publication_\n\n# Summary\n\nOn June 7, 2023, Cisco issued an advisory regarding a vulnerability affecting Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows that could allow a low-privileged, authenticated, local attacker to elevate privileges to those of `SYSTEM` [1].\n\nCERT-EU recommends updating the software.\n\n# Technical Details\n\nThe vulnerability, identified as `CVE-2023-20178` with a CVSS score of 7.8 out of 10, exists because improper permissions are assigned to a temporary directory that is created during the upgrade process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with `SYSTEM` privileges.\n\n# Affected Products\n\n- Cisco AnyConnect Secure Mobility Client for Windows Software versions 4.10 and earlier (First Fixed Release is 4.10MR7).\n- Cisco Secure Client for Windows Software version 5.0 (First Fixed Release is 4.10MR7).\n\n# Recommendations\n\nCERT-EU recommends updating the affected products to the fixed version.\n\n# References\n\n[1] <https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw>\n",
    "content_html": "<p><em>History:</em></p><ul><li><em>08/06/2023 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>On June 7, 2023, Cisco issued an advisory regarding a vulnerability affecting Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows that could allow a low-privileged, authenticated, local attacker to elevate privileges to those of <code>SYSTEM</code> [1].</p><p>CERT-EU recommends updating the software.</p><h2 id=\"technical-details\">Technical Details</h2><p>The vulnerability, identified as <code>CVE-2023-20178</code> with a CVSS score of 7.8 out of 10, exists because improper permissions are assigned to a temporary directory that is created during the upgrade process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with <code>SYSTEM</code> privileges.</p><h2 id=\"affected-products\">Affected Products</h2><ul><li>Cisco AnyConnect Secure Mobility Client for Windows Software versions 4.10 and earlier (First Fixed Release is 4.10MR7).</li><li>Cisco Secure Client for Windows Software version 5.0 (First Fixed Release is 4.10MR7).</li></ul><h2 id=\"recommendations\">Recommendations</h2><p>CERT-EU recommends updating the affected products to the fixed version.</p><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw\">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}