Sign-up

ID

VAR-202111-0412


CVE

CVE-2021-40124


TITLE

Windows  for  Cisco AnyConnect Secure Mobility Client  Vulnerability in privilege management in

Trust: 0.8

sources: JVNDB: JVNDB-2021-014454

DESCRIPTION

A vulnerability in the Network Access Manager (NAM) module of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to escalate privileges on an affected device. This vulnerability is due to incorrect privilege assignment to scripts executed before user logon. An attacker could exploit this vulnerability by configuring a script to be executed before logon. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges. (DoS) It may be in a state. Cisco Anyconnect Secure Mobility Client is a VPN client software for secure connection from Cisco

Trust: 1.71

sources: NVD: CVE-2021-40124 // JVNDB: JVNDB-2021-014454 // VULHUB: VHN-401514

AFFECTED PRODUCTS

vendor:ciscomodel:anyconnect secure mobility clientscope:ltversion:4.10.03104

Trust: 1.0

vendor:シスコシステムズmodel:cisco anyconnect secure mobility clientscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco anyconnect secure mobility clientscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-014454 // NVD: CVE-2021-40124

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-40124
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2021-40124
value: MEDIUM

Trust: 1.0

NVD: CVE-2021-40124
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202111-362
value: HIGH

Trust: 0.6

VULHUB: VHN-401514
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-40124
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-401514
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-40124
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2021-40124
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2021-40124
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-401514 // JVNDB: JVNDB-2021-014454 // CNNVD: CNNVD-202111-362 // NVD: CVE-2021-40124 // NVD: CVE-2021-40124

PROBLEMTYPE DATA

problemtype:CWE-269

Trust: 1.1

problemtype:CWE-266

Trust: 1.0

problemtype:Improper authority management (CWE-269) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-401514 // JVNDB: JVNDB-2021-014454 // NVD: CVE-2021-40124

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202111-362

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202111-362

PATCH

title:cisco-sa-anyconnect-nam-priv-yCsRNUGTurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-nam-priv-yCsRNUGT

Trust: 0.8

title:Cisco AnyConnect Secure Mobility Client Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=168893

Trust: 0.6

sources: JVNDB: JVNDB-2021-014454 // CNNVD: CNNVD-202111-362

EXTERNAL IDS

db:NVDid:CVE-2021-40124

Trust: 3.3

db:JVNDBid:JVNDB-2021-014454

Trust: 0.8

db:AUSCERTid:ESB-2021.3669

Trust: 0.6

db:CS-HELPid:SB2021110409

Trust: 0.6

db:CNNVDid:CNNVD-202111-362

Trust: 0.6

db:CNVDid:CNVD-2021-103367

Trust: 0.1

db:VULHUBid:VHN-401514

Trust: 0.1

sources: VULHUB: VHN-401514 // JVNDB: JVNDB-2021-014454 // CNNVD: CNNVD-202111-362 // NVD: CVE-2021-40124

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-anyconnect-nam-priv-ycsrnugt

Trust: 2.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-40124

Trust: 0.8

url:https://www.cybersecurity-help.cz/vdb/sb2021110409

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3669

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-anyconnect-secure-mobility-client-for-windows-privilege-escalation-via-network-access-manager-module-36809

Trust: 0.6

sources: VULHUB: VHN-401514 // JVNDB: JVNDB-2021-014454 // CNNVD: CNNVD-202111-362 // NVD: CVE-2021-40124

SOURCES

db:VULHUBid:VHN-401514
db:JVNDBid:JVNDB-2021-014454
db:CNNVDid:CNNVD-202111-362
db:NVDid:CVE-2021-40124

LAST UPDATE DATE

2024-08-14T14:31:31.508000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-401514date:2022-04-25T00:00:00
db:JVNDBid:JVNDB-2021-014454date:2022-10-19T01:44:00
db:CNNVDid:CNNVD-202111-362date:2022-04-26T00:00:00
db:NVDid:CVE-2021-40124date:2023-11-07T03:38:30.743

SOURCES RELEASE DATE

db:VULHUBid:VHN-401514date:2021-11-04T00:00:00
db:JVNDBid:JVNDB-2021-014454date:2022-10-19T00:00:00
db:CNNVDid:CNNVD-202111-362date:2021-11-03T00:00:00
db:NVDid:CVE-2021-40124date:2021-11-04T16:15:09.503