Threat Post

Cisco Zero-Day in AnyConnect Secure Mobility Client Remains Unpatched

Cisco also disclosed high-severity vulnerabilities in its Webex and SD-WAN products. Cisco has disclosed a zero-day vulnerability – for which there is not yet a patch – in the Windows, macOS and Linux ...
TechRadar

Cisco tells Secure Client users to patch immediately or risk VPN security flaw

Networking giant Cisco has patched a high-severity flaw in one of its software products which could be leveraged to open a VPN session with a target endpoint. The flaw is found in Secure Client, and ...
TechRadar

Cisco has fixed a highly severe flaw in its business VPN - so patch now

Cisco released a patch for a high-severity flaw that was plaguing its Cisco Secure Client. The flaw, tracked as CVE-2023-20178, allowed threat actors elevate account privileges and tamper with the ...
Dark Reading

Patch Now: Cisco AnyConnect Bug Exploit Released in the Wild

A security researcher has dropped a proof-of-concept (POC) exploit for a just-patched, high-severity security vulnerability in Cisco's client software for remote workers looking to connect to VPNs.
Bleeping Computer

Cisco fixes AnyConnect bug giving Windows SYSTEM privileges

Cisco has fixed a high-severity vulnerability found in Cisco Secure Client (formerly AnyConnect Secure Mobility Client) software that can let attackers escalate privileges to the SYSTEM account used ...
Bleeping Computer

Cisco discloses AnyConnect VPN zero-day, exploit code available

Cisco has disclosed today a zero-day vulnerability in the Cisco AnyConnect Secure Mobility Client software with proof-of-concept exploit code publicly available. While security updates are not yet ...