⚠ Actively exploited in ransomware campaigns
This vulnerability is on the CISA Known Exploited Vulnerabilities list and has been used in known ransomware attacks. CISA required action: Apply updates per vendor instructions.. Due date: 2022-11-14.
CVE-2020-3433
Severity
7.8HIGH
EPSS
4.5%
top 10.91%
CISA KEV
KEVRansomware
Added 2022-10-24
Due 2022-11-14
Exploit
Exploited in wild
Active exploitation observed
Affected products
Timeline
PublishedAug 17
KEV addedOct 24
KEV dueNov 14
CISA Required Action: Apply updates per vendor instructions.
Description
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to the…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages2 packages
🔴Vulnerability Details
3GHSA▶
GHSA-v63m-wv25-vhmp: A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, l↗2022-05-24