Details of VAR-202011-1023

ID

VAR-202011-1023

CVE

CVE-2020-3556

TITLE

Cisco AnyConnect Secure Mobility Client Software vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2020-013361

DESCRIPTION

A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to cause a targeted AnyConnect user to execute a malicious script. The vulnerability is due to a lack of authentication to the IPC listener. An attacker could exploit this vulnerability by sending crafted IPC messages to the AnyConnect client IPC listener. A successful exploit could allow an attacker to cause the targeted AnyConnect user to execute a script. This script would execute with the privileges of the targeted AnyConnect user. In order to successfully exploit this vulnerability, there must be an ongoing AnyConnect session by the targeted user at the time of the attack. To exploit this vulnerability, the attacker would also need valid user credentials on the system upon which the AnyConnect client is being run. Cisco has not released software updates that address this vulnerability. Cisco AnyConnect Secure Mobility Client There are unspecified vulnerabilities in the software.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Cisco AnyConnect Secure Mobility Client for Linux, etc. are all products of Cisco (Cisco). Cisco AnyConnect Secure Mobility Client for Linux is a Linux-based secure mobile client that provides secure access to networks and applications from any device. Cisco AnyConnect Secure Mobility Client for Android is a secure mobile client based on the Android platform that provides secure access to networks and applications from any device. Cisco AnyConnect Secure Mobility Client for Windows is a Windows-based secure mobile client that provides secure access to networks and applications from any device

Trust: 1.8

sources: NVD: CVE-2020-3556 // JVNDB: JVNDB-2020-013361 // VULHUB: VHN-181681 // VULMON: CVE-2020-3556

AFFECTED PRODUCTS

vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	98.145\(86\)	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.9\(3052\)	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco anyconnect secure mobility client	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2020-013361 // NVD: CVE-2020-3556

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-3556
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2020-3556
value:	HIGH
Trust: 1.0
NVD:	CVE-2020-3556
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202011-332
value:	HIGH
Trust: 0.6
VULHUB:	VHN-181681
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2020-3556
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2020-3556
severity:	MEDIUM
baseScore:	4.4
vectorString:	AV:L/AC:M/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.4
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-181681
severity:	MEDIUM
baseScore:	4.4
vectorString:	AV:L/AC:M/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.4
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2020-3556
baseSeverity:	HIGH
baseScore:	7.3
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.3
impactScore:	5.9
version:	3.1
Trust: 2.0
NVD:	CVE-2020-3556
baseSeverity:	HIGH
baseScore:	7.3
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-181681 // VULMON: CVE-2020-3556 // JVNDB: JVNDB-2020-013361 // CNNVD: CNNVD-202011-332 // NVD: CVE-2020-3556 // NVD: CVE-2020-3556

PROBLEMTYPE DATA

problemtype:	CWE-20	Trust: 1.0
problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD Evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2020-013361 // NVD: CVE-2020-3556

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202011-332

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202011-332

PATCH

title:	cisco-sa-anyconnect-ipc-KfQO9QhK	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-ipc-KfQO9QhK	Trust: 0.8
title:	Cisco AnyConnect Secure Mobility Client IPC Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=132761	Trust: 0.6
title:	Cisco: Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-anyconnect-ipc-KfQO9QhK	Trust: 0.1
title:	sec-daily-2020	url:	https://github.com/alphaSeclab/sec-daily-2020	Trust: 0.1

sources: VULMON: CVE-2020-3556 // JVNDB: JVNDB-2020-013361 // CNNVD: CNNVD-202011-332

EXTERNAL IDS

db:	NVD	id:	CVE-2020-3556	Trust: 2.6
db:	JVNDB	id:	JVNDB-2020-013361	Trust: 0.8
db:	CNNVD	id:	CNNVD-202011-332	Trust: 0.7
db:	AUSCERT	id:	ESB-2020.3822	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.3822.4	Trust: 0.6
db:	VULHUB	id:	VHN-181681	Trust: 0.1
db:	VULMON	id:	CVE-2020-3556	Trust: 0.1

sources: VULHUB: VHN-181681 // VULMON: CVE-2020-3556 // JVNDB: JVNDB-2020-013361 // CNNVD: CNNVD-202011-332 // NVD: CVE-2020-3556

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-anyconnect-ipc-kfqo9qhk	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3556	Trust: 1.4
url:	https://www.auscert.org.au/bulletins/esb-2020.3822/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-anyconnect-secure-mobility-client-code-execution-via-ipc-33812	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.3822.4/	Trust: 0.6

sources: VULHUB: VHN-181681 // JVNDB: JVNDB-2020-013361 // CNNVD: CNNVD-202011-332 // NVD: CVE-2020-3556

SOURCES

db:	VULHUB	id:	VHN-181681
db:	VULMON	id:	CVE-2020-3556
db:	JVNDB	id:	JVNDB-2020-013361
db:	CNNVD	id:	CNNVD-202011-332
db:	NVD	id:	CVE-2020-3556

LAST UPDATE DATE

2024-11-23T22:37:12.633000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-181681	date:	2020-11-20T00:00:00
db:	VULMON	id:	CVE-2020-3556	date:	2020-11-20T00:00:00
db:	JVNDB	id:	JVNDB-2020-013361	date:	2021-06-28T08:08:00
db:	CNNVD	id:	CNNVD-202011-332	date:	2021-05-13T00:00:00
db:	NVD	id:	CVE-2020-3556	date:	2024-11-21T05:31:18.510

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-181681	date:	2020-11-06T00:00:00
db:	VULMON	id:	CVE-2020-3556	date:	2020-11-06T00:00:00
db:	JVNDB	id:	JVNDB-2020-013361	date:	2021-06-28T00:00:00
db:	CNNVD	id:	CNNVD-202011-332	date:	2020-11-04T00:00:00
db:	NVD	id:	CVE-2020-3556	date:	2020-11-06T19:15:14.657