Re: Cisco Secure Client CVE-2024-20337 - Page 2

ansto · ‎04-17-2024

Following upgrading to upgrading to 5.1.2.42 to fix the vulnerability CVE-2024-20337

Within Microsoft Defender this is still flagged as vulnerability for the CVE

It appears to refer to a component of the install:

C:\Program Files (x86)\Cisco\Cisco Secure Client\acsocktool.exe\acsocktool.exe

Cisco secure Client Socket Filter Tool v5.1.2.22

Question is if this version is covers the vulnerability why is a component still being flagged as a vulnerability?

Thanks

mcoombe · ‎05-05-2024

@stsarang we have a large number of M365 tenants reporting this vulnerability and in all cases Microsoft Defender is reporting "C:\Program Files (x86)\Cisco\Cisco Secure Client\acsocktool.exe" as version 5.1.2.22 regardless of whether version 5.1.2.42 or version 5.1.3.62 is installed on the machine. Can Cisco either update the version of acsocktool.exe to version 5.1.2.42 or work with Microsoft to remove the classification of this file as vulnerable.

Shazz · ‎05-13-2024

@mcoombes Do you have any further updates on this please?

mcoombe · ‎05-14-2024

@Shazz I have seen no further updates from either Microsoft or Cisco. Looks like the latest Cisco Secure Client version is still 5.1.3.62 and my guess is we will have to wait for the next release before this is resolved.

https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/Cisco-Secure-Client-5/release/notes/release-notes-cisco-secure-client-5-1.html