CVE-2017-3813

Description

A vulnerability in the Start Before Logon (SBL) module of Cisco AnyConnect Secure Mobility Client Software for Windows could allow an unauthenticated, local attacker to open Internet Explorer with the privileges of the SYSTEM user. The vulnerability is due to insufficient implementation of the access controls. An attacker could exploit this vulnerability by opening the Internet Explorer browser. An exploit could allow the attacker to use Internet Explorer with the privileges of the SYSTEM user. This may allow the attacker to execute privileged commands on the targeted system. This vulnerability affects versions prior to released versions 4.4.00243 and later and 4.3.05017 and later. Cisco Bug IDs: CSCvc43976.

Risk Information

Base Score: 7.8 (MODERATE)
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score (Exploitation Probability): 4.649

Associated Vulnerability

| Vulnerability | OS Platform |
| --- | --- |
| Vulnerability CVE-2017-3813 are affected in Cisco AnyConnect Secure Mobility Client For Windows 4.3.04027 | Windows |
| Multiple Vulnerabilities are affected in Any Connect (Microsoft Store) 4.0.00048 | Windows |
| Multiple Vulnerabilities are affected in Any Connect (Microsoft Store) 4.0.00051 | Windows |
| Vulnerabilities CVE-2016-6369,CVE-2016-9192,CVE-2017-3813 are affected in Any Connect (Microsoft Store) 4.2.04039 | Windows |
| Vulnerabilities CVE-2016-6369,CVE-2016-9192,CVE-2017-3813 are affected in Any Connect (Microsoft Store) 4.3.00748 | Windows |
| Vulnerabilities CVE-2016-6369,CVE-2016-9192,CVE-2017-3813 are affected in Any Connect (Microsoft Store) 4.3.01095 | Windows |
| Vulnerabilities CVE-2017-3813 are affected in Any Connect (Microsoft Store) 4.0.00052 | Windows |
| Vulnerabilities CVE-2017-3813 are affected in Any Connect (Microsoft Store) 4.0.00057 | Windows |
| Vulnerabilities CVE-2017-3813 are affected in Any Connect (Microsoft Store) 4.0.00061 | Windows |
| Vulnerabilities CVE-2017-3813 are affected in Any Connect (Microsoft Store) 4.1.00028 | Windows |
| Vulnerabilities CVE-2017-3813 are affected in Any Connect (Microsoft Store) 4.1.02011 | Windows |
| Vulnerabilities CVE-2017-3813 are affected in Any Connect (Microsoft Store) 4.1.04011 | Windows |
| Vulnerabilities CVE-2017-3813 are affected in Any Connect (Microsoft Store) 4.1.06013 | Windows |
| Vulnerabilities CVE-2017-3813 are affected in Any Connect (Microsoft Store) 4.1.06020 | Windows |
| Vulnerabilities CVE-2017-3813 are affected in Any Connect (Microsoft Store) 4.1.08005 | Windows |
| Vulnerabilities CVE-2017-3813 are affected in Any Connect (Microsoft Store) 4.2.00096 | Windows |
| Vulnerabilities CVE-2017-3813 are affected in Any Connect (Microsoft Store) 4.2.01022 | Windows |
| Vulnerabilities CVE-2017-3813 are affected in Any Connect (Microsoft Store) 4.2.01035 | Windows |
| Vulnerabilities CVE-2017-3813 are affected in Any Connect (Microsoft Store) 4.2.02075 | Windows |
| Vulnerabilities CVE-2017-3813 are affected in Any Connect (Microsoft Store) 4.2.03013 | Windows |
| Vulnerabilities CVE-2017-3813 are affected in Any Connect (Microsoft Store) 4.2.04018 | Windows |
| Vulnerabilities CVE-2017-3813 are affected in Any Connect (Microsoft Store) 4.2.05015 | Windows |
| Vulnerabilities CVE-2017-3813 are affected in Any Connect (Microsoft Store) 4.2.06014 | Windows |
| Vulnerabilities CVE-2017-3813 are affected in Any Connect (Microsoft Store) 4.3.02039 | Windows |
| Vulnerabilities CVE-2017-3813 are affected in Any Connect (Microsoft Store) 4.3.03086 | Windows |
| Vulnerabilities CVE-2017-3813 are affected in Any Connect (Microsoft Store) 4.3.04027 | Windows |
| Cisco AnyConnect Secure Mobility Client for Windows SBL Privileges Escalation Vulnerability For Cisco AnyConnect Secure Mobility Client | NCM |
| Missing Authorization Vulnerability (CVE-2017-3813) | NCM |

Patch Details

Patches provided by ManageEngine for this CVE:

| Patch ID | Patch Description |
| --- | --- |
| PATCH-1705981 | Security Update for Cisco AnyConnect Secure Mobility Client 4.3(2034) |
| PATCH-338372 | Cisco AnyConnect Secure Mobility Client (4.10.08029) (Manual Upload Required) |
