Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-1567— Cisco AnyConnect Secure Mobility Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability

CVSS 7.0 · High EPSS 0.04% · P12
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-1567

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Cisco AnyConnect Secure Mobility Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in the DLL loading mechanism of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to a race condition in the signature verification process for DLL files that are loaded on an affected device. An attacker could exploit this vulnerability by sending a series of crafted interprocess communication (IPC) messages to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected device with SYSTEM privileges. To exploit this vulnerability, the attacker must have valid credentials on the Windows system.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
检查时间与使用时间(TOCTOU)的竞争条件
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco AnyConnect Secure Mobility Client for Windows 代码问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco AnyConnect Secure Mobility Client for Windows是美国思科(Cisco)公司的一款基于Windows平台的可通过任何设备安全访问网络和应用的安全移动客户端。 Cisco AnyConnect Secure Mobility Client 在Windows上存在代码问题漏洞,该漏洞源于受影响设备上加载的DLL文件的签名验证过程中的竞争条件。如果AnyConnect客户端上安装了VPN Posture (HostScan)模块,则通过身份验证的本地攻击者可
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
CiscoCisco AnyConnect Secure Mobility Client n/a -

II. Public POCs for CVE-2021-1567

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2021-1567

登录查看更多情报信息。

Same Patch Batch · Cisco · 2021-06-16 · 11 CVEs total

CVE-2021-15667.4 HIGHCisco Email Security Appliance and Cisco Web Security Appliance Certificate Validation Vul
CVE-2021-15427.2 HIGHCisco Small Business 220 Series Smart Switches Vulnerabilities
CVE-2021-15437.2 HIGHCisco Small Business 220 Series Smart Switches Vulnerabilities
CVE-2021-15717.2 HIGHCisco Small Business 220 Series Smart Switches Vulnerabilities
CVE-2021-15417.2 HIGHCisco Small Business 220 Series Smart Switches Vulnerabilities
CVE-2021-15696.5 MEDIUMCisco Jabber Desktop and Mobile Client Software Vulnerabilities
CVE-2021-15706.5 MEDIUMCisco Jabber Desktop and Mobile Client Software Vulnerabilities
CVE-2021-15685.5 MEDIUMCisco AnyConnect Secure Mobility Client for Windows Denial of Service Vulnerability
CVE-2021-13954.7 MEDIUMCisco Unified Intelligence Center Reflected Cross-Site Scripting Vulnerability
CVE-2021-15244.3 MEDIUMCisco Meeting Server API Denial of Service Vulnerability

IV. Related Vulnerabilities

Same product: Cisco AnyConnect Secure Mobility Client
Same vendor: Cisco
Same weakness: CWE-367

V. Comments for CVE-2021-1567

No comments yet

Leave a comment