Even as the networking hardware company continues to analyze the flaw, it has released an update that it hopes to defang it.
The vulnerability was flagged by security researchers at Core Security and according to the advisory, the Cisco Product Security Incident Response Team (PSIRT) isn’t aware of any malicious use of the vulnerability in the wild.
- Here’s our list of the best VPN services
- These are some of the best remote desktop sharing software
- We've put together a list of the best endpoint protection software
Update to mitigate
The vulnerability, tracked as CVE-2021-1366, was discovered in the inter-process communication (IPC) channel of the AnyConnect Secure Mobility Client for Windows.
Cisco believes the reason behind the weakness is the insufficient validation of resources that are loaded by the client when it is executed. The attacker will have to craft and send an IPC message to the AnyConnect process, which would then enable them to execute arbitrary code on the affected machine with elevated privileges.
As per the advisory, the vulnerability only affects Windows version of the Cisco AnyConnect Secure Mobility Client prior to v4.9.05042. Furthermore, as mentioned earlier, it’ll only affect users who use the HostScan module, and not the ones who connect with the ISE Posture module.
- Check out our list of the best Linux VPN services