Show plain JSON{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-20178", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "dateUpdated": "2024-08-02T09:05:34.960Z", "dateReserved": "2022-10-27T00:00:00", "datePublished": "2023-06-28T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-01-25T16:57:50.608Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed after a successful VPN connection is established.\r\n\r This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with SYSTEM privileges."}], "affected": [{"vendor": "Cisco", "product": "Cisco Secure Client", "versions": [{"version": "4.9.00086", "status": "affected"}, {"version": "4.9.01095", "status": "affected"}, {"version": "4.9.02028", "status": "affected"}, {"version": "4.9.03047", "status": "affected"}, {"version": "4.9.03049", "status": "affected"}, {"version": "4.9.04043", "status": "affected"}, {"version": "4.9.04053", "status": "affected"}, {"version": "4.9.05042", "status": "affected"}, {"version": "4.9.06037", "status": "affected"}, {"version": "4.10.00093", "status": "affected"}, {"version": "4.10.01075", "status": "affected"}, {"version": "4.10.02086", "status": "affected"}, {"version": "4.10.03104", "status": "affected"}, {"version": "4.10.04065", "status": "affected"}, {"version": "4.10.04071", "status": "affected"}, {"version": "4.10.05085", "status": "affected"}, {"version": "4.10.05095", "status": "affected"}, {"version": "4.10.05111", "status": "affected"}, {"version": "4.10.06079", "status": "affected"}, {"version": "4.10.06090", "status": "affected"}, {"version": "5.0.00238", "status": "affected"}, {"version": "5.0.00529", "status": "affected"}, {"version": "5.0.00556", "status": "affected"}, {"version": "5.0.01242", "status": "affected"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Incorrect Default Permissions", "type": "cwe", "cweId": "CWE-276"}]}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw", "name": "cisco-sa-ac-csc-privesc-wx4U4Kw"}], "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 7.8, "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-ac-csc-privesc-wx4U4Kw", "discovery": "EXTERNAL", "defects": ["CSCwe00252"]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T09:05:34.960Z"}, "title": "CVE Program Container", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw", "name": "cisco-sa-ac-csc-privesc-wx4U4Kw", "tags": ["x_transferred"]}]}]}} 
ReportizFlow
MITRE
Vulnrichment
NVD
Redhat