Vulnerability in Cisco Anyconnect_secure_mobility_client

CVE-2015-0662

Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to gain privileges via crafted IPC messages that trigger use of root privileges for a software-package installation, aka Bug ID CSCus79385.

EPSS: 0.001 (24.6th percentile) — read the EPSS interpretation.

Affected products

Cisco Anyconnect_secure_mobility_client
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

20150314 Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
1031933 (vdb-entry, x_refsource_SECTRACK)