Cisco AnyConnect Secure Mobility Client for Windows DLL and Executable Hijacking Vulnerabilities
Cisco CVE Common Vulnerabilities and Exposures

The vulnerabilities are not dependent on one another. Exploitation of one of the vulnerabilities is not required to exploit another vulnerability. In addition, a software release that is affected by one of the vulnerabilities may not be affected by the other vulnerabilities.

Details about the vulnerabilities are as follows.

Cisco AnyConnect Secure Mobility Client for Windows Uninstall Executable Hijacking Vulnerability

A vulnerability in the uninstall process of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform an executable hijacking attack on an affected device.

This vulnerability exists because a temporary file with insecure permissions is created during the uninstall process. An attacker could exploit this vulnerability by overwriting the temporary file before it is accessed for execution. A successful exploit could allow the attacker to execute arbitrary code on the affected device with SYSTEM privileges. To exploit this vulnerability, the attacker must have valid credentials on the Windows system.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Bug ID(s): CSCvv43102, CSCvv60844
CVE ID(s): CVE-2021-1426
Security Impact Rating (SIR): High
CVSS Base Score: 7.0
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Cisco AnyConnect Secure Mobility Client for Windows Upgrade DLL Hijacking Vulnerabilities

Two vulnerabilities in the upgrade process of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device.

These vulnerabilities exist because the application loads a DLL file from a user-writable directory. An attacker could exploit these vulnerabilities by copying a malicious DLL file to a specific directory. A successful exploit could allow the attacker to execute arbitrary code on the affected device with SYSTEM privileges. To exploit these vulnerabilities, the attacker must have valid credentials on the Windows system.

Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

Bug ID(s): CSCvw16996, CSCvw17005
CVE ID(s): CVE-2021-1427, CVE-2021-1428
Security Impact Rating (SIR): High
CVSS Base Score: 7.0
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Cisco AnyConnect Secure Mobility Client for Windows Upgrade Executable Hijacking Vulnerability

A vulnerability in the install process of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform an executable hijacking attack on an affected device.

This vulnerability exists because a temporary file with insecure permissions is created during the upgrade process. An attacker could exploit this vulnerability by overwriting the temporary file before it is accessed for execution. A successful exploit could allow the attacker to execute arbitrary code on the affected device with SYSTEM privileges. To exploit this vulnerability, the attacker must have valid credentials on the Windows system.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Bug ID(s): CSCvw18527
CVE ID(s): CVE-2021-1429
Security Impact Rating (SIR): High
CVSS Base Score: 7.0
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Cisco AnyConnect Secure Mobility Client for Windows Upgrade DLL Hijacking Vulnerability

A vulnerability in the upgrade process of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device.

This vulnerability exists because a temporary file with insecure permissions is created during the upgrade process. An attacker could exploit this vulnerability by overwriting the temporary file before it is accessed for execution. A successful exploit could allow the attacker to execute arbitrary code on the affected device with SYSTEM privileges. To exploit this vulnerability, the attacker must have valid credentials on the Windows system.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Bug ID(s): CSCvw18595
CVE ID(s): CVE-2021-1430
Security Impact Rating (SIR): High
CVSS Base Score: 7.0
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Cisco AnyConnect Secure Mobility Client for Windows Install Executable Hijacking Vulnerability

A vulnerability in the install process of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform an executable hijacking attack on an affected device.

This vulnerability exists because the application loads an executable file from a user-writable directory. An attacker could exploit this vulnerability by copying a malicious executable file to a specific directory, which would be executed when the application is installed or upgraded. A successful exploit could allow the attacker to execute arbitrary code on the affected device with SYSTEM privileges. To exploit this vulnerability, the attacker needs valid credentials on the Windows system.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Bug ID(s): CSCvu77671
CVE ID(s): CVE-2021-1496
Security Impact Rating (SIR): High
CVSS Base Score: 7.0
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Cisco Unified Communications Manager IM & Presence Service SQL Injection Vulnerabilities
Cisco CVE Common Vulnerabilities and Exposures

Cisco has released free software updates that address the vulnerabilities described in this advisory. Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license: https://www.cisco.com/c/en/us/products/end-user-license-agreement.html

Additionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades.

When considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page, to determine exposure and a complete upgrade solution.

In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.

Customers Without Service Contracts

Customers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade.

Fixed Releases

Customers are advised to upgrade to an appropriate fixed software release as indicated in the following table(s):

Cisco Unified Communications Manager IM & Presence Service Release | First Fixed Release
Earlier than 10.5 | None.
10.5 | None.
11.0 | Migrate to 11.5(1)SU9.
11.5 | 11.5(1)SU9
12.0 | Migrate to 12.5(1)SU4.
12.5 | 12.5(1)SU4
Cisco Content Security Management Appliance, Email Security Appliance, and Web Security Appliance Information Disclosure Vulnerability
Cisco CVE Common Vulnerabilities and Exposures

When considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page, to determine exposure and a complete upgrade solution.

In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.

Fixed Releases

At the time of publication, Cisco Content SMA, ESA, and WSA releases that were running Cisco AsyncOS Software releases 14.0 and later contained the fix for this vulnerability.

See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information.
Cisco SD-WAN vManage Software Authentication Bypass Vulnerability
Cisco CVE Common Vulnerabilities and Exposures

Cisco has released free software updates that address the vulnerability described in this advisory. Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license: https://www.cisco.com/c/en/us/products/end-user-license-agreement.html

Additionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades.

When considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page, to determine exposure and a complete upgrade solution.

In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.

Customers Without Service Contracts

Customers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade.

Fixed Releases

Customers are advised to upgrade to an appropriate fixed software release as indicated in the following table(s). To ensure a complete upgrade solution, consider that this advisory is part of a collection that includes the following advisories:

Cisco SD-WAN vManage Software Release | First Fixed Release for This Vulnerability | First Fixed Release for All Vulnerabilities Described in the Collection of Advisories
Earlier than 18.4 | Migrate to a fixed release. | Migrate to a fixed release.
18.4 | Migrate to a fixed release. | Migrate to a fixed release.
19.2 | Migrate to a fixed release. | Migrate to a fixed release.
19.3 | Migrate to a fixed release. | Migrate to a fixed release.
20.1 | Migrate to a fixed release. | Migrate to a fixed release.
20.3 | 20.3.1 | Migrate to a fixed release.
20.4 | 20.4.1 | 20.4.1
20.5 | 20.5.1 | 20.5.1
Cisco AnyConnect Secure Mobility Client Profile Modification Vulnerability
Cisco CVE Common Vulnerabilities and Exposures

When considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page, to determine exposure and a complete upgrade solution.

In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.

Fixed Releases

At the time of publication, Cisco AnyConnect Secure Mobility Client for Windows, MacOS, and Linux releases 4.10.00093 and later contained the fix for this vulnerability.

See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information.

To download the software from the Software Center on Cisco.com, do the following:

1. Click Browse all.
2. Choose Security > VPN and Endpoint Security Clients > Cisco VPN Clients > AnyConnect Secure Mobility Client > AnyConnect Secure Mobility Client v4.x.
3. Choose the release from the left pane of the AnyConnect Secure Mobility Client v4.x page.
Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities
Cisco CVE Common Vulnerabilities and Exposures

Cisco has released free software updates that address the vulnerability described in this advisory. Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license: https://www.cisco.com/c/en/us/products/end-user-license-agreement.html

Additionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades.

When considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page, to determine exposure and a complete upgrade solution.

In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.

Customers Without Service Contracts

Customers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade.

Fixed Releases

Customers are advised to upgrade to an appropriate fixed software release as indicated in the following table(s). To ensure a complete upgrade solution, consider that this advisory is part of a collection that includes the following advisories:

Cisco SD-WAN vEdge Software Release | First Fixed Release for These Vulnerabilities | First Fixed Release for All Vulnerabilities Described in the Collection of Advisories
Earlier than 18.4 | Migrate to a fixed release. | Migrate to a fixed release.
18.4 | Migrate to a fixed release. | Migrate to a fixed release.
19.2 | Migrate to a fixed release. | Migrate to a fixed release.
20.1 | Migrate to a fixed release. | Migrate to a fixed release.
20.3 | Migrate to a fixed release. | Migrate to a fixed release.
20.4 | 20.4.1 | 20.4.1
20.5 | 20.5.1 | 20.5.1
Docker Containers
Container Security

Enterprises are looking to make their software development practices agile in order to deliver more software faster. Container technology is...
Containers and the OWASP Top 10
Container Security

The Open Web Application Security Project (OWASP) periodically publishes a list of the top 10 web application security risks. The...
Anomaly Detection Systems and Generalization
Anomaly Detection

Network servers are always vulnerable to attacks. Therefore, security measures to protect vulnerable software are an essential part of securing...
Container Security
Container Security

To facilitate scalability and resilience, many organizations are running applications in cloud-native environments, which make use of containers and...
Virtual Patch Creation Phase
Virtual Patching Web Application Firewall

Preparation Phase, Identification Phase and Analyze Phase
Web Application Firewall

Preparation Phase

The significance of making adequate use of the preparation phase for virtual patching can't be overstated. Before dealing...
Virtual Patching in Vulnerability Management
Virtual Patching

Virtual patching requires applying a layer of security policy that intercepts and prevents vulnerability exploitation. A productive solution requires the...
WAF + RASP + Bot Mitigation + DDoS in Kubernetes Platform
Web Application Firewall

There are many products out there that work as a WAF. A WAF is not really aware of the application it...
PATCH MANAGEMENT
Web Application Firewall

Patch management is a strategic process of acquiring, testing, and installing updated software. But most companies find themselves comply...
Why Is Virtual Patching So Important?
Web Application Firewall

Virtual patching offers a rapid way to provide web security. Even though the preferred solution is temporary,...
Why do we need to apply Virtual Patching on the websites?
Virtual Patching

Safeguarding the company's assets against existing and emerging vulnerabilities is the most critical task that security teams are struggling with....
Virtual Patching Tools
Virtual Patching

Various tools are used to achieve Deep Security virtual patching. They include: Web Application Firewall (WAF), Intrusion Prevention System (IPS)...
Common Roadblocks to Source Code Fixes
Web Application Firewall

From the technical point of view, the initial mitigation strategy would be for an organization to rectify the discovered vulnerability...
Advantages of Virtual Patching
Virtual Patching

Today’s systems are both very advanced and complex, with multiple dependencies and interrelationships. It requires a...