Valid user credentials on the system on which the An圜onnect client is being run by the targeted user.Note: To successfully exploit this vulnerability, an attacker would need all of the following: This script would execute with the privileges of the targeted An圜onnect user. A successful exploit could allow an attacker to cause the targeted An圜onnect user to execute a script. An attacker could exploit this vulnerability by sending crafted IPC messages to the An圜onnect client IPC listener. The vulnerability is due to a lack of authentication to the IPC listener. A vulnerability in the interprocess communication (IPC) channel of Cisco An圜onnect Secure Mobility Client Software could allow an authenticated, local attacker to cause a targeted An圜onnect user to execute a malicious script.
0 Comments
Leave a Reply. |