Anyconnect
Monthly
Remote denial-of-service vulnerability in the Cisco AnyConnect VPN server affecting Cisco Meraki MX and Z Series Teleworker Gateway devices. An unauthenticated attacker can exploit variable initialization errors during SSL VPN session establishment by sending crafted HTTPS requests, causing the AnyConnect service to restart and disconnecting all active VPN sessions while blocking new connections. With a CVSS score of 8.6 and network-exploitable attack vector requiring no authentication, this vulnerability poses significant risk to organizations relying on these devices for remote access infrastructure.
Remote denial-of-service vulnerability in the Cisco AnyConnect VPN server affecting Cisco Meraki MX and Z Series Teleworker Gateway devices. An unauthenticated attacker can exploit variable initialization errors during SSL VPN session establishment by sending crafted HTTPS requests, causing the AnyConnect service to restart and disconnecting all active VPN sessions while blocking new connections. With a CVSS score of 8.6 and network-exploitable attack vector requiring no authentication, this vulnerability poses significant risk to organizations relying on these devices for remote access infrastructure.