Cybersecurity Advisory | Cisco AnyConnect for Windows Privilege

sv7
Level 3

Hello All,

Received a mail from Cisco which states "Cybersecurity Advisory | Cisco AnyConnect for Windows Privilege Escalation Vulnerability" for AnyConnect software lower than version 4.10. Is it impactful for my environment also, as I'm using it only for the Umbrella roaming module? Please find the bug link below.

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw

3 Replies

aaragonb
Cisco Employee

Hello,

I would highly recommend upgrading to a fixed version, and going for the 5.0.02075 directly since version 4 will be end of life by next year:
https://support.umbrella.com/hc/en-us/articles/13785492124692-End-of-life-for-AnyConnect-Client-Version-4-x#:~:text=Cisco%20announces%20the%20end%2Dof,end%20on%20March%2031%2C%202024.

Hi aaragonb,

Thank you for your reply; I would definitely go for an update. Furthermore, can you please confirm whether that bug can impact my organisation if I'm using it only for the roaming module?

aaragonb
Cisco Employee

Hi,

Yes, your organisation may be vulnerable. This bug impacts the core component of AnyConnect/Secure Client; this component is installed as well, even if just the Roaming Module was checked during the installation:

[Image: aaragonb_0-1686846605514.png]

More details: https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/Cisco-Secure-Client-5/admin/guide/b-cisco-secure-client-admin-guide-5-0/deploy-anyconnect.html#ID-1425-00000111