CVE-2023-20240 | ByteOS Network

Vulnerability Details :

CVE-2023-20240

Assigner-cisco

Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633

Published At-22 Nov, 2023 | 17:10

Updated At-02 Aug, 2024 | 09:05

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Client Software. An attacker could exploit these vulnerabilities by logging in to an affected device at the same time that another user is accessing Cisco Secure Client on the same system, and then sending crafted packets to a port on that local host. A successful exploit could allow the attacker to crash the VPN Agent service, causing it to be unavailable to all users of the system. To exploit these vulnerabilities, the attacker must have valid credentials on a multi-user system.

EPSS History

Score

Latest Score

-

N/A

Percentile

Latest Percentile

-

N/A

▼Common Vulnerabilities and Exposures (CVE)

Assigner:cisco

Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633

Published At:22 Nov, 2023 | 17:10

Updated At:02 Aug, 2024 | 09:05

▼CVE Numbering Authority (CNA)

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Client Software. An attacker could exploit these vulnerabilities by logging in to an affected device at the same time that another user is accessing Cisco Secure Client on the same system, and then sending crafted packets to a port on that local host. A successful exploit could allow the attacker to crash the VPN Agent service, causing it to be unavailable to all users of the system. To exploit these vulnerabilities, the attacker must have valid credentials on a multi-user system.

Affected Products

Vendor

Cisco Systems, Inc.

Product

Cisco Secure Client

Versions

Affected

4.9.00086
4.9.01095
4.9.02028
4.9.03047
4.9.03049
4.9.04043
4.9.04053
4.9.05042
4.9.06037
4.10.00093
4.10.01075
4.10.02086
4.10.03104
4.10.04065
4.10.04071
4.10.05085
4.10.05095
4.10.05111
4.10.06079
4.10.06090
4.10.07061
4.10.07062
4.10.07073
5.0.00238
5.0.00529
5.0.00556
5.0.01242
5.0.02075
5.0.03072
5.0.03076

Problem Types

Type	CWE ID	Description
cwe	CWE-125	Out-of-bounds Read

Type: cwe

CWE ID: CWE-125

Description: Out-of-bounds Read

Metrics

Version	Base score	Base severity	Vector
3.1	5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Version: 3.1

Base score: 5.5

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploits

The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.

References

Hyperlink	Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8	N/A

Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8

Resource: N/A

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8	x_transferred

Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8

Resource:

x_transferred

▼National Vulnerability Database (NVD)

Source:ykramarz@cisco.com

Published At:22 Nov, 2023 | 17:15

Updated At:25 Jan, 2024 | 17:15

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Client Software. An attacker could exploit these vulnerabilities by logging in to an affected device at the same time that another user is accessing Cisco Secure Client on the same system, and then sending crafted packets to a port on that local host. A successful exploit could allow the attacker to crash the VPN Agent service, causing it to be unavailable to all users of the system. To exploit these vulnerabilities, the attacker must have valid credentials on a multi-user system.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Secondary	3.1	5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Type: Primary

Version: 3.1

Base score: 5.5

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Type: Secondary

Version: 3.1

Base score: 5.5

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CPE Matches

Cisco Systems, Inc.

>>anyconnect_secure_mobility_client>>4.9.00086

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.00086:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>anyconnect_secure_mobility_client>>4.9.01095

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.01095:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>anyconnect_secure_mobility_client>>4.9.02028

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.02028:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>anyconnect_secure_mobility_client>>4.9.03047

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.03047:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>anyconnect_secure_mobility_client>>4.9.03049

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.03049:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>anyconnect_secure_mobility_client>>4.9.04043

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.04043:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>anyconnect_secure_mobility_client>>4.9.04053

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.04053:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>anyconnect_secure_mobility_client>>4.9.05042

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.05042:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>anyconnect_secure_mobility_client>>4.9.06037

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.06037:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>secure_client>>4.10.00093

cpe:2.3:a:cisco:secure_client:4.10.00093:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>secure_client>>4.10.01075

cpe:2.3:a:cisco:secure_client:4.10.01075:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>secure_client>>4.10.02086

cpe:2.3:a:cisco:secure_client:4.10.02086:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>secure_client>>4.10.03104

cpe:2.3:a:cisco:secure_client:4.10.03104:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>secure_client>>4.10.04065

cpe:2.3:a:cisco:secure_client:4.10.04065:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>secure_client>>4.10.04071

cpe:2.3:a:cisco:secure_client:4.10.04071:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>secure_client>>4.10.05085

cpe:2.3:a:cisco:secure_client:4.10.05085:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>secure_client>>4.10.05095

cpe:2.3:a:cisco:secure_client:4.10.05095:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>secure_client>>4.10.05111

cpe:2.3:a:cisco:secure_client:4.10.05111:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>secure_client>>4.10.06079

cpe:2.3:a:cisco:secure_client:4.10.06079:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>secure_client>>4.10.06090

cpe:2.3:a:cisco:secure_client:4.10.06090:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>secure_client>>4.10.07061

cpe:2.3:a:cisco:secure_client:4.10.07061:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>secure_client>>4.10.07062

cpe:2.3:a:cisco:secure_client:4.10.07062:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>secure_client>>4.10.07073

cpe:2.3:a:cisco:secure_client:4.10.07073:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>secure_client>>5.0.00238

cpe:2.3:a:cisco:secure_client:5.0.00238:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>secure_client>>5.0.00529

cpe:2.3:a:cisco:secure_client:5.0.00529:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>secure_client>>5.0.00556

cpe:2.3:a:cisco:secure_client:5.0.00556:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>secure_client>>5.0.01242

cpe:2.3:a:cisco:secure_client:5.0.01242:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>secure_client>>5.0.02075

cpe:2.3:a:cisco:secure_client:5.0.02075:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>secure_client>>5.0.03072

cpe:2.3:a:cisco:secure_client:5.0.03072:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>secure_client>>5.0.03076

cpe:2.3:a:cisco:secure_client:5.0.03076:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-125	Primary	nvd@nist.gov
CWE-125	Secondary	ykramarz@cisco.com

CWE ID: CWE-125

Type: Primary

Source: nvd@nist.gov

CWE ID: CWE-125

Type: Secondary

Source: ykramarz@cisco.com

References

Hyperlink	Source	Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8	ykramarz@cisco.com	Issue Tracking Vendor Advisory

Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8

Source: ykramarz@cisco.com

Resource:

Issue Tracking

Vendor Advisory