Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2017-3813: Missing Authorization in Cisco AnyConnect Secure Mobility Client

Severity: 7.8 HIGH (NVD)
EPSS: 1.2% (top 21.17%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline: Published Feb 9; latest update May 13

Description

A vulnerability in the Start Before Logon (SBL) module of Cisco AnyConnect Secure Mobility Client Software for Windows could allow an unauthenticated, local attacker to open Internet Explorer with the privileges of the SYSTEM user. The vulnerability is due to insufficient implementation of the access controls. An attacker could exploit this vulnerability by opening the Internet Explorer browser. An exploit could allow the attacker to use Internet Explorer with the privileges of the SYSTEM user.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9

Affected Packages (1 package)

🔴 Vulnerability Details (2)

GHSA-v2w8-r4gc-fv4c (GHSA, 2022-05-13): A vulnerability in the Start Before Logon (SBL) module of Cisco AnyConnect Secure Mobility Client Software for Windows could allow an unauthenticated,
CVE-2017-3813 (CVEList, 2017-02-09): A vulnerability in the Start Before Logon (SBL) module of Cisco AnyConnect Secure Mobility Client Software for Windows could allow an unauthenticated,

💥 Exploits & PoCs (1)

Exploit-DB (2017-02-28): Cisco AnyConnect Secure Mobility Client 4.3.04027 - Local Privilege Escalation

📋 Vendor Advisories (1)

Cisco (2017-02-08): Cisco AnyConnect Secure Mobility Client for Windows SBL Privileges Escalation Vulnerability