CVE-2017-6638

Description

A vulnerability in how DLL files are loaded with Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and run an executable file with privileges equivalent to the Microsoft Windows SYSTEM account. The vulnerability is due to incomplete input validation of path and file names of a DLL file before it is loaded. An attacker could exploit this vulnerability by creating a malicious DLL file and installing it in a specific system directory. A successful exploit could allow the attacker to execute commands on the underlying Microsoft Windows host with privileges equivalent to the SYSTEM account. The attacker would need valid user credentials to exploit this vulnerability. This vulnerability affects all Cisco AnyConnect Secure Mobility Client for Windows software versions prior to 4.4.02034. Cisco Bug IDs: CSCvc97928.

Risk Information

Base Score

7.8

MODERATE

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

0.062

Associated Vulnerability

Vulnerability	OS Platform
Vulnerability CVE-2017-6638 are affected in Cisco AnyConnect Secure Mobility Client For Windows 4.4.00243	Windows
Vulnerabilities CVE-2017-6638 are affected in Any Connect (Microsoft Store) 4.4.00243	Windows
Cisco AnyConnect Local Privilege Escalation Vulnerability For Cisco AnyConnect Secure Mobility Client	NCM
Improper Input Validation Vulnerability (CVE-2017-6638)	NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-1705981	Security Update for Cisco AnyConnect Secure Mobility Client 4.3(2034)
PATCH-338372	Cisco AnyConnect Secure Mobility Client (4.10.08029) (Manual Upload Required)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234