Description
A vulnerability in the Start Before Logon (SBL) module of Cisco AnyConnect Secure Mobility Client Software for Windows could allow an unauthenticated, local attacker to open Internet Explorer with the privileges of the SYSTEM user. The vulnerability is due to insufficient implementation of the access controls. An attacker could exploit this vulnerability by opening the Internet Explorer browser. An exploit could allow the attacker to use Internet Explorer with the privileges of the SYSTEM user, which may allow the attacker to execute privileged commands on the targeted system. This vulnerability affects versions prior to the fixed releases (4.4.00243 and later, and 4.3.05017 and later). Cisco Bug IDs: CSCvc43976.
References (4)
Vendor Advisory (x_refsource_confirm): https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170208-anyconnect
Exploit, Third Party Advisory (exploit, x_refsource_exploit-db): https://www.exploit-db.com/exploits/41476/
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_sectrack): http://www.securitytracker.com/id/1037796
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_bid): http://www.securityfocus.com/bid/96145
Scores
CVSS v3: 7.8
EPSS: 0.0119
EPSS Percentile: 78.9%
Attack Vector: LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE: CWE-862, CWE-264
Status: published
Products (26)
cisco/anyconnect_secure_mobility_client: 4.0.00048, 4.0.00051, 4.0.00052, 4.0.00057, 4.0.00061, 4.1.00028, 4.1.02011, 4.1.04011, 4.1.06013, 4.1.06020
... and 16 more
Published: Feb 09, 2017
Tracked Since: Feb 18, 2026