CVE-2015-0664

Cisco AnyConnect Secure Mobility Client < 4.0(.00051) - Privilege Escalation via IPC Channel Message Crafting

Title source: llm
STIX 2.1

Description

The IPC channel in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to write to arbitrary userspace memory locations, and consequently gain privileges, via crafted messages, aka Bug ID CSCus79195.

References (2)

Core 2
Core References
Vendor Advisory vendor-advisory x_refsource_cisco
http://tools.cisco.com/security/center/viewAlert.x?alertId=37861
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1031932

Scores

EPSS 0.0032
EPSS Percentile 23.6%

Details

CWE
CWE-20
Status published
Products (1)
cisco/anyconnect_secure_mobility_client < 4.0\(.00051\)
Published Mar 18, 2015
Tracked Since Feb 18, 2026