Cisco AnyConnect Secure Mobility Client Arbitrary File Read Vulnerability [CVE-2021-1258]

CVE number – CVE-2021-1258

A vulnerability in the upgrade component of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker with low privileges to read arbitrary files on the underlying operating system (OS) of an affected device.

The vulnerability is due to insufficient file permission restrictions. An attacker could exploit this vulnerability by sending a crafted command from the local CLI to the application. A successful exploit could allow the attacker to read arbitrary files on the underlying OS of the affected device. The attacker would need to have valid user credentials to exploit this vulnerability.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Vulnerable Products

At the time of publication, this vulnerability affected the following Cisco software releases:

  • AnyConnect Secure Mobility Client for Linux releases earlier than Release 4.9.03047
  • AnyConnect Secure Mobility Client for MacOS releases earlier than Release 4.9.03047
  • AnyConnect Secure Mobility Client for Windows releases earlier than Release 4.9.03049

Fixed Releases

At the time of publication, the following Cisco software releases contained the fix for this vulnerability:

  • AnyConnect Secure Mobility Client for Linux releases 4.9.03047 and later
  • AnyConnect Secure Mobility Client for MacOS releases 4.9.03047 and later
  • AnyConnect Secure Mobility Client for Windows releases 4.9.03049 and later

Duncan Newell

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: