Vulnerability in Cisco Anyconnect_secure_mobility_client
CVE-2020-3432
A vulnerability in the uninstaller component of Cisco AnyConnect Secure Mobility Client for Mac OS could allow an authenticated, local attacker to corrupt the content of any file in the filesystem. The vulnerability is due to the incorrec…
EPSS: 0.002 (12.7th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 5.6 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H.
Affected products
- Cisco Anyconnect_secure_mobility_client
- Cisco Secure Client — versions N/A
Weakness classification (CWE)
References
- psirt@cisco.com (Vendor Advisory)
Frequently asked questions
- What is CVE-2020-3432?
- CVE-2020-3432 is a medium-severity vulnerability in Cisco Anyconnect_secure_mobility_client, classified under Improper Link Resolution Before File Access. CVSS score: 5.6/10. Published 2025-02-12.
- How severe is CVE-2020-3432?
- Medium severity. CVSS v3 base score is 5.6 out of 10.