CVE-2017-3813

First published: Thu Feb 09 2017(Updated: )

A vulnerability in the Start Before Logon (SBL) module of Cisco AnyConnect Secure Mobility Client Software for Windows could allow an unauthenticated, local attacker to open Internet Explorer with the privileges of the SYSTEM user. The vulnerability is due to insufficient implementation of the access controls. An attacker could exploit this vulnerability by opening the Internet Explorer browser. An exploit could allow the attacker to use Internet Explorer with the privileges of the SYSTEM user. This may allow the attacker to execute privileged commands on the targeted system. This vulnerability affects versions prior to released versions 4.4.00243 and later and 4.3.05017 and later. Cisco Bug IDs: CSCvc43976.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Anyconnect Secure Mobility Client	=4.0.00048
Cisco Anyconnect Secure Mobility Client	=4.0.00051
Cisco Anyconnect Secure Mobility Client	=4.0.00052
Cisco Anyconnect Secure Mobility Client	=4.0.00057
Cisco Anyconnect Secure Mobility Client	=4.0.00061
Cisco Anyconnect Secure Mobility Client	=4.1.00028
Cisco Anyconnect Secure Mobility Client	=4.1.02011
Cisco Anyconnect Secure Mobility Client	=4.1.04011
Cisco Anyconnect Secure Mobility Client	=4.1.06013
Cisco Anyconnect Secure Mobility Client	=4.1.06020
Cisco Anyconnect Secure Mobility Client	=4.1.08005
Cisco Anyconnect Secure Mobility Client	=4.2.00096
Cisco Anyconnect Secure Mobility Client	=4.2.01022
Cisco Anyconnect Secure Mobility Client	=4.2.01035
Cisco Anyconnect Secure Mobility Client	=4.2.02075
Cisco Anyconnect Secure Mobility Client	=4.2.03013
Cisco Anyconnect Secure Mobility Client	=4.2.04018
Cisco Anyconnect Secure Mobility Client	=4.2.04039
Cisco Anyconnect Secure Mobility Client	=4.2.05015
Cisco Anyconnect Secure Mobility Client	=4.2.06014
Cisco Anyconnect Secure Mobility Client	=4.3.00748
Cisco Anyconnect Secure Mobility Client	=4.3.01095
Cisco Anyconnect Secure Mobility Client	=4.3.02039
Cisco Anyconnect Secure Mobility Client	=4.3.03086
Cisco Anyconnect Secure Mobility Client	=4.3.04027

Never miss a vulnerability like this again

Reference Links

collector/nvd-index
vendor/cisco
product/anyconnect secure mobility client
canonical/cisco anyconnect secure mobility client

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.