Get a Pentest and security assessment of your IT network.

Cyber Security

Cisco Zero-Day in AnyConnect Secure Mobility Client Remains Unpatched

Cisco has disclosed a zero-day vulnerability in the Windows, MacOS and Linux versions of its AnyConnect Secure Mobility Client Software. The flaw (CVE-2020-3556) is an arbitrary code execution vulnerability with a CVSS score of 7.3 out of 10, making it high severity. There are no workarounds that address this vulnerability, one mitigation is to disable the Auto Update and Enable Scripting features. The vulnerability exists in the interprocess communication (IPC) channel.

Source: https://threatpost.com/cisco-zero-day-anyconnect-secure-patch/160988/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation