漏洞类别:Local
漏洞等级: 
漏洞信息
Cisco AnyConnect is a VPN Client for multiple platforms.
A vulnerability in how DLL files are loaded with Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and run an executable file with privileges equivalent to the Microsoft Windows SYSTEM account.
Affected Versions:
Cisco AnyConnect Secure Mobility Client prior to 4.4.02034.
漏洞危害
On successful exploitation it allows local attacker to install and run an executable file with privileges equivalent to the Microsoft Windows SYSTEM account.
解决方案
Cisco has released free software updates that address the vulnerability described in this advisory.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0daybank
文章评论