04-17-2024 06:49 AM
Following upgrading to upgrading to 5.1.2.42 to fix the vulnerability CVE-2024-20337
Within Microsoft Defender this is still flagged as vulnerability for the CVE
It appears to refer to a component of the install:
C:\Program Files (x86)\Cisco\Cisco Secure Client\acsocktool.exe\acsocktool.exe
Cisco secure Client Socket Filter Tool v5.1.2.22
Question is if this version is covers the vulnerability why is a component still being flagged as a vulnerability?
Thanks
05-05-2024 10:09 PM
@stsarang we have a large number of M365 tenants reporting this vulnerability and in all cases Microsoft Defender is reporting "C:\Program Files (x86)\Cisco\Cisco Secure Client\acsocktool.exe" as version 5.1.2.22 regardless of whether version 5.1.2.42 or version 5.1.3.62 is installed on the machine. Can Cisco either update the version of acsocktool.exe to version 5.1.2.42 or work with Microsoft to remove the classification of this file as vulnerable.
05-13-2024 03:50 AM
@mcoombes Do you have any further updates on this please?
05-14-2024 01:57 AM
@Shazz I have seen no further updates from either Microsoft or Cisco. Looks like the latest Cisco Secure Client version is still 5.1.3.62 and my guess is we will have to wait for the next release before this is resolved.
https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/Cisco-Secure-Client-5/release/notes/release-notes-cisco-secure-client-5-1.html
06-21-2024 12:18 PM
Good news - testing Secure Client 5.1.4.74 and MDE portal seems to be not reporting this version as a risk!
06-21-2024 12:20 PM
what is the version of the acsocktool.exe you have in the new install?
06-21-2024 01:03 PM
acsocktool.exe is now 5.1.4.55
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide