Kaspersky Threats

Solutions for:

Kaspersky ID:

KLA10482

Detect Date:

03/17/2015

Updated:

06/03/2020

Description

Multiple serious vulnerabilities have been found in Cisco AnyConnect Secure Mobility Client. Malicious users can exploit these vulnerabilities to gain privileges or write arbitrary files.

Below is a complete list of vulnerabilities

An unknown vulnerability can be exploited locally via a specially deigned IPC messages;
Improper access control implementation and other unknown vulnerability can be exploited locally via a specially designed messages.

Original advisories

CVE list

CVE-2015-0663
high
CVE-2015-0662
high
CVE-2015-0665
high
CVE-2015-0664
warning

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!

Kaspersky ID:

KLA10482

Detect Date:

03/17/2015

Updated:

06/03/2020

Severity

high

Solution

Update to latest version!
Get AnyConnect Secure Mobility Client

Impacts

WLF

Write Local Files. Exploitation of vulnerabilities with this impact can lead to writing into some inaccessible files. Files that can be read depends on concrete program errors.

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected products

Cisco AnyConnect Secure Mobility Client versions earlier than 4.0.00061

Kaspersky Next

Let’s go Next: redefine your business’s cybersecurity

Learn more

New Kaspersky!

Your digital life deserves complete protection!

Learn more

Confirm changes?

Your message has been sent successfully.

Multiple vulnerabilities in Cisco AnyConnect SMC

Description

Original advisories

Related products

CVE list

Read more