COOEY // HUBcompliance · community · intelligence

FAIL › dossier

AnyConnect Secure product

2
failure events
0
zero-days
0
RCEs
2
on KEV
2
critical
80
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 2 events

DateEventSevFlagsShameSummary
2022-10-24 CVE-2020-3433 critical ⌖KEV 80 Cisco AnyConnect Secure Mobility Client for Windows interprocess communication (IPC) channel allows for insufficient validation of resources that are loaded by the application at run time. An attacker with valid credentials on Windows could execute code on the affected machine wi
2022-10-24 CVE-2020-3153 critical ⌖KEV 80 Cisco AnyConnect Secure Mobility Client for Windows allows for incorrect handling of directory paths. An attacker with valid credentials on Windows would be able to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL h