CVE-2020-3556

Name of the Vulnerable Software and Affected Versions Cisco AnyConnect Secure Mobility Client Software (affected versions not specified)

Description A vulnerability in the interprocess communication (IPC) channel could allow an authenticated, local attacker to cause a targeted user to execute a malicious script. The vulnerability is due to a lack of authentication to the IPC listener. An attacker could exploit this vulnerability by sending crafted IPC messages to the AnyConnect client IPC listener. A successful exploit could allow an attacker to cause the targeted user to execute a script, which would execute with the privileges of the targeted user. To exploit this vulnerability, there must be an ongoing AnyConnect session by the targeted user at the time of the attack, and the attacker would also need valid user credentials on the system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the IPC listener to minimize the risk of exploitation. Additionally, ensure that only authorized users have valid credentials on the system upon which the AnyConnect client is being run.