Skip to main content

Secure Client

9 CVEs product

Monthly

CVE-2025-20206 HIGH This Week

A vulnerability in the interprocess communication (IPC) channel of Cisco Secure Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Jwt Attack RCE Cisco Secure Client +1
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2024-20474 MEDIUM This Month

A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Cisco Denial Of Service Microsoft Anyconnect Secure Mobility Client +1
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-20391 MEDIUM This Month

A vulnerability in the Network Access Manager (NAM) module of Cisco Secure Client could allow an unauthenticated attacker with physical access to an affected device to elevate privileges to SYSTEM. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Cisco Secure Client
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2024-3661 HIGH POC This Week

DHCP can add routes to a client’s routing table via the classless static route option (121). Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Forticlient Anyconnect Vpn Client Secure Client Globalprotect +5
NVD
CVSS 3.1
7.6
EPSS
4.1%
CVE-2024-20338 HIGH This Week

A vulnerability in the ISE Posture (System Scan) module of Cisco Secure Client for Linux could allow an authenticated, local attacker to elevate privileges on an affected device. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

RCE Cisco Secure Client
NVD
CVSS 3.1
7.3
EPSS
0.9%
CVE-2024-20337 HIGH This Week

A vulnerability in the SAML authentication process of Cisco Secure Client could allow an unauthenticated, remote attacker to conduct a carriage return line feed (CRLF) injection attack against a. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Cisco Secure Client
NVD
CVSS 3.1
8.2
EPSS
29.9%
CVE-2023-20241 MEDIUM This Month

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Denial Of Service Cisco Anyconnect Secure Mobility Client +1
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-20240 MEDIUM This Month

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Denial Of Service Cisco Anyconnect Secure Mobility Client +1
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-20178 HIGH This Week

A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Microsoft Anyconnect Secure Mobility Client Secure Client
NVD
CVSS 3.1
7.8
EPSS
5.4%
EPSS 0% CVSS 7.1
HIGH This Week

A vulnerability in the interprocess communication (IPC) channel of Cisco Secure Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Jwt Attack RCE +3
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Cisco Denial Of Service +3
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

A vulnerability in the Network Access Manager (NAM) module of Cisco Secure Client could allow an unauthenticated attacker with physical access to an affected device to elevate privileges to SYSTEM. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Cisco +1
NVD
EPSS 4% CVSS 7.6
HIGH POC This Week

DHCP can add routes to a client’s routing table via the classless static route option (121). Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Forticlient Anyconnect Vpn Client +7
NVD
EPSS 1% CVSS 7.3
HIGH This Week

A vulnerability in the ISE Posture (System Scan) module of Cisco Secure Client for Linux could allow an authenticated, local attacker to elevate privileges on an affected device. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

RCE Cisco Secure Client
NVD
EPSS 30% CVSS 8.2
HIGH This Week

A vulnerability in the SAML authentication process of Cisco Secure Client could allow an unauthenticated, remote attacker to conduct a carriage return line feed (CRLF) injection attack against a. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Cisco Secure Client
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Denial Of Service +3
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Denial Of Service +3
NVD
EPSS 5% CVSS 7.8
HIGH This Week

A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Microsoft +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy