CVE-2021-40124

CWE-266 CWE-269 — Improper Privilege Management4 documents4 sources

Severity

7.8HIGH

EPSS

0.0%

top 89.22%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Anyconnect Secure Mobility Client Cisco Cisco Anyconnect Secure Mobility Client

Timeline

PublishedNov 4

Latest updateMay 24

Description

A vulnerability in the Network Access Manager (NAM) module of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to escalate privileges on an affected device. This vulnerability is due to incorrect privilege assignment to scripts executed before user logon. An attacker could exploit this vulnerability by configuring a script to be executed before logon. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages2 packages

▶NVDcisco/anyconnect_secure_mobility_client< 4.10.03104

▶CVEListV5cisco/cisco_anyconnect_secure_mobility_clientn/a

🔴Vulnerability Details

GHSA

GHSA-x848-mf45-8cv4: A vulnerability in the Network Access Manager (NAM) module of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local↗2022-05-24

▶

CVEList

Cisco AnyConnect Secure Mobility Client for Windows with Network Access Manager Module Privilege Escalation Vulnerability↗2021-11-04

▶

📋Vendor Advisories

Cisco

Cisco AnyConnect Secure Mobility Client for Windows with Network Access Manager Module Privilege Escalation Vulnerability↗2021-11-03

▶