Sign-up

ID

VAR-202102-0544


CVE

CVE-2021-1366


TITLE

Windows  for  Cisco AnyConnect Secure Mobility Client  Digital Signature Verification Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-003803

DESCRIPTION

A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges. To exploit this vulnerability, the attacker needs valid credentials on the Windows system. Windows for Cisco AnyConnect Secure Mobility Client Exists in a digital signature validation vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. There is a security vulnerability in Cisco AnyConnect Secure Mobility Client. There is no information about this vulnerability at present. Please keep an eye on CNNVD or vendor announcements

Trust: 1.8

sources: NVD: CVE-2021-1366 // JVNDB: JVNDB-2021-003803 // VULHUB: VHN-374420 // VULMON: CVE-2021-1366

AFFECTED PRODUCTS

vendor:ciscomodel:anyconnect secure mobility clientscope:ltversion:4.9.05042

Trust: 1.0

vendor:シスコシステムズmodel:cisco anyconnect secure mobility clientscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-003803 // NVD: CVE-2021-1366

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-1366
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2021-1366
value: HIGH

Trust: 1.0

NVD: CVE-2021-1366
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202102-1301
value: HIGH

Trust: 0.6

VULHUB: VHN-374420
value: MEDIUM

Trust: 0.1

VULMON: CVE-2021-1366
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-1366
severity: MEDIUM
baseScore: 6.9
vectorString: AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.4
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-374420
severity: MEDIUM
baseScore: 6.9
vectorString: AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.4
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-1366
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 2.0

NVD: CVE-2021-1366
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-374420 // VULMON: CVE-2021-1366 // JVNDB: JVNDB-2021-003803 // CNNVD: CNNVD-202102-1301 // NVD: CVE-2021-1366 // NVD: CVE-2021-1366

PROBLEMTYPE DATA

problemtype:CWE-427

Trust: 1.1

problemtype:CWE-347

Trust: 1.0

problemtype:Improper verification of digital signatures (CWE-347) [NVD Evaluation ]

Trust: 0.8

sources: VULHUB: VHN-374420 // JVNDB: JVNDB-2021-003803 // NVD: CVE-2021-1366

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202102-1301

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202102-1301

PATCH

title:cisco-sa-anyconnect-dll-hijac-JrcTOQMCurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dll-hijac-JrcTOQMC

Trust: 0.8

title:Cisco Cisco AnyConnect Secure Mobility Client Repair measures for data forgery problem vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142450

Trust: 0.6

title:Cisco: Cisco AnyConnect Secure Mobility Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-anyconnect-dll-hijac-JrcTOQMC

Trust: 0.1

title:CVE-2021-1366 Referencesurl:https://github.com/koztkozt/CVE-2021-1366

Trust: 0.1

title:writeups about analysis CVEs and Exploits on the Windows 2022 2021 2019 2018 2015url:https://github.com/Creamy-Chicken-Soup/writeups-about-analysis-CVEs-and-Exploits-on-the-Windows

Trust: 0.1

title:主流供应商的一些攻击性漏洞汇总url:https://github.com/r0eXpeR/supplier

Trust: 0.1

sources: VULMON: CVE-2021-1366 // JVNDB: JVNDB-2021-003803 // CNNVD: CNNVD-202102-1301

EXTERNAL IDS

db:NVDid:CVE-2021-1366

Trust: 2.6

db:JVNDBid:JVNDB-2021-003803

Trust: 0.8

db:CNNVDid:CNNVD-202102-1301

Trust: 0.7

db:AUSCERTid:ESB-2021.0594

Trust: 0.6

db:VULHUBid:VHN-374420

Trust: 0.1

db:VULMONid:CVE-2021-1366

Trust: 0.1

sources: VULHUB: VHN-374420 // VULMON: CVE-2021-1366 // JVNDB: JVNDB-2021-003803 // CNNVD: CNNVD-202102-1301 // NVD: CVE-2021-1366

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-anyconnect-dll-hijac-jrctoqmc

Trust: 1.9

url:https://nvd.nist.gov/vuln/detail/cve-2021-1366

Trust: 1.4

url:https://vigilance.fr/vulnerability/cisco-anyconnect-secure-mobility-client-for-windows-executing-dll-code-via-vpn-posture-module-34606

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0594

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/427.html

Trust: 0.1

url:https://github.com/koztkozt/cve-2021-1366

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-374420 // VULMON: CVE-2021-1366 // JVNDB: JVNDB-2021-003803 // CNNVD: CNNVD-202102-1301 // NVD: CVE-2021-1366

SOURCES

db:VULHUBid:VHN-374420
db:VULMONid:CVE-2021-1366
db:JVNDBid:JVNDB-2021-003803
db:CNNVDid:CNNVD-202102-1301
db:NVDid:CVE-2021-1366

LAST UPDATE DATE

2024-11-23T22:25:11.731000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-374420date:2022-08-05T00:00:00
db:VULMONid:CVE-2021-1366date:2023-11-07T00:00:00
db:JVNDBid:JVNDB-2021-003803date:2021-11-04T09:16:00
db:CNNVDid:CNNVD-202102-1301date:2022-08-08T00:00:00
db:NVDid:CVE-2021-1366date:2024-11-21T05:44:11.470

SOURCES RELEASE DATE

db:VULHUBid:VHN-374420date:2021-02-17T00:00:00
db:VULMONid:CVE-2021-1366date:2021-02-17T00:00:00
db:JVNDBid:JVNDB-2021-003803date:2021-11-04T00:00:00
db:CNNVDid:CNNVD-202102-1301date:2021-02-17T00:00:00
db:NVDid:CVE-2021-1366date:2021-02-17T17:15:12.643