Cisco has patched a Cisco AnyConnect Secure Mobility Client DLL hijacking vulnerability (CVE-2021-1366).
An attacker could remotely exploit some of these vulnerabilities to take control of an impacted system.
In a security advisory released on February 17, 2021, Cisco addressed a DLL hijacking vulnerability (CVE-2021-1366) in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows.
Cisco explained that a local attacker could “perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client.”
“An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges,” Cisco warned in the advisory.
Moreover, his vulnerability impacts Cisco AnyConnect Secure Mobility Client for Windows running Release 4.9.05042 (or older) that have the VPN Posture (HostScan) Module installed.
There were no known active exploits of the vulnerability at the time of the advisory.
Readers can check out the latest Cisco advisories as of February 18, 2021. System and Network administrators should deploy security updates to affected devices as soon as possible.