06-11-2023 11:39 PM
Hello All,
Received an mail from cisco which states "Cybersecurity Advisory | Cisco AnyConnect for Windows Privilege Escalation Vulnerability" for anyconnect software lower than 4.10 version. Is it impactful for my environment also as i'm using only for Umbrella roaming module. Please find below bug link.
06-13-2023 07:09 AM
Hello,
I would highly recommend upgrading to a fixed version, and going for the 5.0.02075 directly since version 4 will be end of life by next year:
https://support.umbrella.com/hc/en-us/articles/13785492124692-End-of-life-for-AnyConnect-Client-Version-4-x#:~:text=Cisco%20announces%20the%20end%2Dof,end%20on%20March%2031%2C%202024.
06-14-2023 10:46 PM
Hi aaragonb,
Thank you for your reply and would definately would go for an update. Furthermore can you please confirm is it that bug can impact my organisation if i'm using only for roaming module ?.
06-15-2023 09:49 AM
Hi,
Yes, your organisation may be vulnerable. This bug impacts the core component of Anyconnect/Secure Client, this component is installed as well even if just the Roaming Module was checked during the installation:
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide