BACK TO INTEL

Archives

Classification

Clear Filter
Application Security
Cloud Infrastructure
Enterprise Infrastructure
Enterprise IT Infrastructure
Enterprise Networking
Enterprise Security
Enterprise Software
ERP
Information Technology
Infrastructure
Infrastructure Security
Microsoft
Network Appliances
Network Infrastructure
Network Security
Networking
Cisco SD-WAN
Citrix Application Delivery
VPN Solutions
Uncontrolled Search Path Vulnerability
Open Source
Operating Systems
Software
Software Development
Software Security
Technology
Virtualization
Vulnerability
Web Hosting
Web Security
Windows Ecosystem

FeedVPN Solutions

Verified advisories, vulnerability disclosures, and architectural research.

CVE-2020-3153

CVE-2020-3153: Defending Against Cisco AnyConnect Privilege Escalation and DLL Hijacking

Cisco AnyConnect Secure Mobility Client for Windows allows for incorrect handling of directory paths. An attacker with valid credentials on Windows would be able to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks.

AnyConnect Secure
View Detail