Exploit released for Cisco AnyConnect bug giving SYSTEM privileges

From bleepingcomputer.com

Proof-of-concept exploit code is now available for a high-severity flaw in Cisco Secure Client Software for Windows (formerly AnyConnect Secure Mobility Client) that can let attackers elevate privileges to SYSTEM.

Cisco Secure Client helps employees to work from anywhere using a secure Virtual Private Network (VPN) and provides network admins with telemetry and endpoint management features.

The vulnerability (tracked as CVE-2023-20178) can let authenticated threat actors escalate privileges to the SYSTEM account used by the Windows operating system in low-complexity attacks that don’t require user interaction.

Successful exploitation requires abusing what Cisco describes as a “specific function of the Windows installer process.”

Cisco released security updates to address this security bug last Tuesday when it said its Product Security Incident Response Team (PSIRT) did not have evidence of malicious use or public exploit code targeting the bug in the wild.

CVE-2023-20178 was fixed with the release of AnyConnect Secure Mobility Client for Windows 4.10MR7 and Cisco Secure Client for Windows 5.0MR2.

Read more…