CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
9.9%
Multiple serious vulnerabilities have been found in Cisco AnyConnect Secure Mobility Client. Malicious users can exploit these vulnerabilities to gain privileges or write arbitrary files.
Below is a complete list of vulnerabilities
Cisco-AnyConnect-Secure-Mobility-Client
CVE-2015-0663 high
CVE-2015-0662 high
CVE-2015-0665 high
CVE-2015-0664 warning
Update to latest version!
Get AnyConnect Secure Mobility Client
Write Local Files. Exploitation of vulnerabilities with this impact can lead to writing into some inaccessible files. Files that can be read depends on concrete program errors.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.