Details of VAR-201612-0358

ID

VAR-201612-0358

CVE

CVE-2016-9192

TITLE

Windows for Cisco AnyConnect Secure Mobility Client Vulnerable to installing arbitrary executable files

Trust: 0.8

sources: JVNDB: JVNDB-2016-006314

DESCRIPTION

A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account. More Information: CSCvb68043. Known Affected Releases: 4.3(2039) 4.3(748). Known Fixed Releases: 4.3(4019) 4.4(225). A local attacker may exploit this issue to execute arbitrary commands with elevated SYSTEM privileges. This issue is being tracked by Cisco Bug ID CSCvb68043

Trust: 2.07

sources: NVD: CVE-2016-9192 // JVNDB: JVNDB-2016-006314 // BID: 94770 // VULHUB: VHN-98012 // VULMON: CVE-2016-9192

AFFECTED PRODUCTS

vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.1.06073	Trust: 2.4
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.1.07021	Trust: 2.4
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.0.0	Trust: 2.4
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.0.00051	Trust: 2.4
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.1.0	Trust: 2.4
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.2.04039	Trust: 2.4
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.3.00748	Trust: 2.4
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.1.0	Trust: 1.8
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.1.02043	Trust: 1.8
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.1.05182	Trust: 1.8
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.1.05187	Trust: 1.8
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.0.00048	Trust: 1.8
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.2.0	Trust: 1.8
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.3.0	Trust: 1.8
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.3.01095	Trust: 1.8
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.1\(60\)	Trust: 1.6
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.0\(64\)	Trust: 1.6
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.0\(48\)	Trust: 1.6
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.0\(2049\)	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.1\(8\)	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.1 (60)	Trust: 0.8
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.0 (2049)	Trust: 0.8
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.0 (48)	Trust: 0.8
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.0 (64)	Trust: 0.8
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.1 (8)	Trust: 0.8
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	0	Trust: 0.3

sources: BID: 94770 // JVNDB: JVNDB-2016-006314 // CNNVD: CNNVD-201612-205 // NVD: CVE-2016-9192

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-9192
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-9192
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201612-205
value:	HIGH
Trust: 0.6
VULHUB:	VHN-98012
value:	HIGH
Trust: 0.1
VULMON:	CVE-2016-9192
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2016-9192
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-98012
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-9192
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-98012 // VULMON: CVE-2016-9192 // JVNDB: JVNDB-2016-006314 // CNNVD: CNNVD-201612-205 // NVD: CVE-2016-9192

PROBLEMTYPE DATA

problemtype:

CWE-264

Trust: 1.9

sources: VULHUB: VHN-98012 // JVNDB: JVNDB-2016-006314 // NVD: CVE-2016-9192

THREAT TYPE

local

Trust: 0.9

sources: BID: 94770 // CNNVD: CNNVD-201612-205

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201612-205

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-006314

PATCH

title:	cisco-sa-20161207-anyconnect1	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-anyconnect1	Trust: 0.8
title:	Cisco AnyConnect Secure Mobility Client Remedial measures for local privilege escalation	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=66246	Trust: 0.6
title:	cve-2016-9192	url:	https://github.com/serializingme/cve-2016-9192	Trust: 0.1
title:	-	url:	https://github.com/khulnasoft-labs/awesome-security	Trust: 0.1

sources: VULMON: CVE-2016-9192 // JVNDB: JVNDB-2016-006314 // CNNVD: CNNVD-201612-205

EXTERNAL IDS

db:	NVD	id:	CVE-2016-9192	Trust: 2.9
db:	BID	id:	94770	Trust: 2.1
db:	SECTRACK	id:	1037409	Trust: 1.2
db:	JVNDB	id:	JVNDB-2016-006314	Trust: 0.8
db:	CNNVD	id:	CNNVD-201612-205	Trust: 0.7
db:	VULHUB	id:	VHN-98012	Trust: 0.1
db:	VULMON	id:	CVE-2016-9192	Trust: 0.1

sources: VULHUB: VHN-98012 // VULMON: CVE-2016-9192 // BID: 94770 // JVNDB: JVNDB-2016-006314 // CNNVD: CNNVD-201612-205 // NVD: CVE-2016-9192

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20161207-anyconnect1	Trust: 2.1
url:	http://www.securityfocus.com/bid/94770	Trust: 1.8
url:	https://github.com/serializingme/cve-2016-9192	Trust: 1.3
url:	https://github.com/nettitude/poshc2/blob/master/modules/cve-2016-9192.ps1	Trust: 1.2
url:	http://www.securitytracker.com/id/1037409	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9192	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-9192	Trust: 0.8
url:	http://www.cisco.com/en/us/products/ps10884/index.html	Trust: 0.3
url:	http://www.cisco.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/264.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-98012 // VULMON: CVE-2016-9192 // BID: 94770 // JVNDB: JVNDB-2016-006314 // CNNVD: CNNVD-201612-205 // NVD: CVE-2016-9192

CREDITS

Duarte Silva.

Trust: 0.9

sources: BID: 94770 // CNNVD: CNNVD-201612-205

SOURCES

db:	VULHUB	id:	VHN-98012
db:	VULMON	id:	CVE-2016-9192
db:	BID	id:	94770
db:	JVNDB	id:	JVNDB-2016-006314
db:	CNNVD	id:	CNNVD-201612-205
db:	NVD	id:	CVE-2016-9192

LAST UPDATE DATE

2024-11-23T22:13:11.707000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-98012	date:	2017-04-04T00:00:00
db:	VULMON	id:	CVE-2016-9192	date:	2017-04-04T00:00:00
db:	BID	id:	94770	date:	2016-12-20T00:08:00
db:	JVNDB	id:	JVNDB-2016-006314	date:	2016-12-20T00:00:00
db:	CNNVD	id:	CNNVD-201612-205	date:	2017-01-04T00:00:00
db:	NVD	id:	CVE-2016-9192	date:	2024-11-21T03:00:46.443

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-98012	date:	2016-12-14T00:00:00
db:	VULMON	id:	CVE-2016-9192	date:	2016-12-14T00:00:00
db:	BID	id:	94770	date:	2016-12-07T00:00:00
db:	JVNDB	id:	JVNDB-2016-006314	date:	2016-12-20T00:00:00
db:	CNNVD	id:	CNNVD-201612-205	date:	2016-12-09T00:00:00
db:	NVD	id:	CVE-2016-9192	date:	2016-12-14T00:59:15.223