DLL Hijacking Vulnerability in Cisco Secure Client for Windows
CVE-2025-20206

7.1HIGH

Key Information:

Vendor: Cisco
Status: Cisco Secure Client
Vendor: CVE Published:; 5 March 2025

Badges

👾 Exploit Exists

Summary

A vulnerability in Cisco Secure Client for Windows relates to the interprocess communication (IPC) channel, enabling authenticated local attackers to carry out a DLL hijacking attack. This security issue arises from inadequate validation of resources loaded during the application's runtime. By sending a specially crafted IPC message to a targeted process within Cisco Secure Client, an attacker can potentially execute arbitrary code on the device, operating with SYSTEM privileges. To successfully exploit this vulnerability, the attacker needs to possess valid user credentials on the Windows system where the Cisco Secure Client is installed.

Affected Version(s)

Cisco Secure Client 4.9.00086

Cisco Secure Client 4.9.01095

Cisco Secure Client 4.9.02028

References

https://sec.cloudapps.cisco.com/security/center/content/C...

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

👾
Exploit known to exist
Mar 5, 2025
Vulnerability published
Mar 5, 2025
Vulnerability Reserved
Oct 10, 2024