First published: Mon Aug 17 2020(Updated: )
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Anyconnect Secure Mobility Client | <=4.9.00086 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-3435 is a vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows that could allow an authenticated, local attacker to overwrite VPN profiles on an affected device.
CVE-2020-3435 has a severity score of 5.5 (medium).
Cisco AnyConnect Secure Mobility Client for Windows version 4.9.00086 is affected by CVE-2020-3435.
An attacker would need valid credentials on the affected device to exploit CVE-2020-3435.
You can find more information about CVE-2020-3435 on the Cisco Security Advisory page: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-profile-7u3PERKF