Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2011-2039 β€” Improper Input Validation in Cisco Anyconnect Secure Mobility Client

CWE-20 β€” Improper Input Validation5 documents5 sources
Severity
7.6HIGHNVD
EPSS
84.1%
top 0.69%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Cisco Anyconnect Secure Mobility Client
Timeline
PublishedJun 2
Latest updateMay 17

Description

The helper application in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.3.185 on Windows, and on Windows Mobile, downloads a client executable file (vpndownloader.exe) without verifying its authenticity, which allows remote attackers to execute arbitrary code via the url property to a certain ActiveX control in vpnweb.ocx, aka Bug ID CSCsy00904.

CVSS vector

AV:N/AC:H/C:C/I:C/A:CExploitability: 4.9 | Impact: 10.0

Affected Packages1 packages

πŸ”΄Vulnerability Details

2
GHSA
GHSA-vjg9-jfmj-x6jf: The helper application in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2β†—2022-05-17
β–Ά
CVEList
CVE-2011-2039: The helper application in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2β†—2011-06-02
β–Ά

πŸ’₯Exploits & PoCs

1
Exploit-DB
Cisco AnyConnect VPN Client - ActiveX URL Property Download and Execute (Metasploit)β†—2011-06-06
β–Ά

πŸ”Detection Rules

1
Suricata
ET ACTIVEX Cisco AnyConnect VPN Secure Mobility Client Cisco.AnyConnect.VPNWeb.1 Arbitrary Program Execution Attempt↗2011-06-03
β–Ά
CVE-2011-2039 β€” Improper Input Validation in Cisco | cvebase