BACK TO INTEL

Archives

Classification

Clear Filter
Application Security
Cloud Infrastructure
Enterprise Infrastructure
Enterprise IT Infrastructure
Enterprise Networking
Enterprise Security
Enterprise Software
ERP
Information Technology
Infrastructure
Infrastructure Security
Application Delivery Controllers
Message Broking
Windows Remote Access Clients
Local Privilege Escalation DLL Hijacking
Microsoft
Network Appliances
Network Infrastructure
Network Security
Networking
Open Source
Operating Systems
Software
Software Development
Software Security
Technology
Virtualization
Vulnerability
Web Hosting
Web Security
Windows Ecosystem

FeedLocal Privilege Escalation DLL Hijacking

Verified advisories, vulnerability disclosures, and architectural research.

CVE-2020-3433

CVE-2020-3433: Critical DLL Hijacking in Cisco AnyConnect Secure Mobility Client

Cisco AnyConnect Secure Mobility Client for Windows interprocess communication (IPC) channel allows for insufficient validation of resources that are loaded by the application at run time. An attacker with valid credentials on Windows could execute code on the affected machine with SYSTEM privileges.

AnyConnect Secure Mobility Client
View Detail