1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Cisco has fixed a highly severe flaw in its business VPN - so pat

    From TechnologyDaily@1337:1/100 to All on Thu Jun 8 12:15:03 2023
    Cisco has fixed a highly severe flaw in its business VPN - so patch now

    Date:
    Thu, 08 Jun 2023 11:00:37 +0000

    Description:
    It seems Cisco beat cybercriminals to the punch this time, as no evidence of active exploitation was found.

    FULL STORY ======================================================================

    Cisco released a patch for a high-severity flaw that was plaguing its Cisco Secure Client. The flaw, tracked as CVE-2023-20178, allowed threat actors elevate account privileges and tamper with the system on the admin level. No interaction on the victims side was necessary.

    "This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the upgrade process," Cisco said
    in its security advisory published with the patch. "An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process."

    Cisco Secure Client is a VPN/ZNTA solution that enables remote working opportunities for employees, and endpoint management and telemetry features for administrators. Not abused (yet)

    To remove the threat, users are advised to bring AnyConnect Secure Mobility Client for Windows to version 4.10MR7 and Cisco Secure Client for Windows to version 5.0MR2.

    Not all versions of the product are vulnerable, though. For macOS and Linux, the Cisco Secure Client and AnyConnect Secure Mobility Client are both fine, as too is the Secure Client-AnyConnect for Android and the Secure Client AnyConnect VPN for iOS. Read more

    Cisco vulnerability could cause your firewalls to fail


    More Cisco SMB router ranges have serious security flaws


    Check out the best business VPNs right now

    Elsewhere in the security advisory, Cisco also said that there is no evidence of the flaw being used in the wild. There are also no malware variants out there looking to leverage the flaw, the company claims.

    The last time we heard of Cisco AnyConnect was in October last year, when the company urged its customers to apply a fix for a newly discovered flaw that had been sitting unnoticed for several years and was only discovered after being abused by criminals.

    At the time, Cisco said it unearthed two flaws - CVE-2020-3433 and CVE-2020-3153, found in the Cisco AnyConnect Secure Mobility Client for Windows which would have allowed local threat actors to run DLL hijacking attacks and use system-level privileges to copy files to system directories.The result is arbitrary code execution on endpoints with system privileges. Check out the best firewalls around

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/cisco-has-fixed-a-highly-severe-flaw-in-its-bus iness-vpn-so-patch-now


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)