Description
The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 on Windows, and 2.x before 2.5 MR6 and 3.x before 3.0 MR8 on Mac OS X and Linux, does not properly validate binaries that are received by the downloader process, which allows remote attackers to execute arbitrary code via vectors involving (1) ActiveX or (2) Java components, aka Bug ID CSCtw47523.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac
Scores
EPSS
0.0389
EPSS Percentile
89.0%
Details
CWE
CWE-20
Status
published
Products (16)
cisco/anyconnect_secure_mobility_client
2.0
cisco/anyconnect_secure_mobility_client
2.1
cisco/anyconnect_secure_mobility_client
2.2
cisco/anyconnect_secure_mobility_client
2.2.128
cisco/anyconnect_secure_mobility_client
2.2.133
cisco/anyconnect_secure_mobility_client
2.2.136
cisco/anyconnect_secure_mobility_client
2.2.140
cisco/anyconnect_secure_mobility_client
2.3
cisco/anyconnect_secure_mobility_client
2.3.185
cisco/anyconnect_secure_mobility_client
2.3.254
... and 6 more
Published
Jun 20, 2012
Tracked Since
Feb 18, 2026