CVE-2020-3433CISA KEV: Actively Exploited

Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability

Published Oct 24, 2022·Updated Oct 24, 2022

Description

Cisco AnyConnect Secure Mobility Client for Windows interprocess communication (IPC) channel allows for insufficient validation of resources that are loaded by the application at run time. An attacker with valid credentials on Windows could execute code on the affected machine with SYSTEM privileges.

Public Exploits & PoCs1 found

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free