Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability
CVE-2020-3153

6.5MEDIUM

Key Information:

Vendor: Cisco
Status: Cisco Anyconnect Secure Mobility Client
Vendor: CVE Published:; 19 February 2020

Badges

💰 Ransomware👾 Exploit Exists🟡 Public PoC🟣 EPSS 43%🦅 CISA Reported

What is CVE-2020-3153?

A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user-supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a malicious file and copying the file to a system directory. An exploit could allow the attacker to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks. To exploit this vulnerability, the attacker needs valid credentials on the Windows system.

CISA has reported CVE-2020-3153

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2020-3153 as being exploited and is known by the CISA as enabling ransomware campaigns.

The CISA's recommendation is: Apply updates per vendor instructions.

Affected Version(s)

Cisco AnyConnect Secure Mobility Client < unspecified

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2020-3153
Created by goichot

CVE-2020-3153
Created by shubham0d