Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2017-3813

A vulnerability in the Start Before Logon (SBL) module of Cisco AnyConnect Secure Mobility Client Software for Windows could allow an unauthenticated, local attacker to open Internet Explorer with the privileges of the SYSTEM user. The vulnerability is due to insufficient implementation of the access controls. An attacker could exploit this vulnerability by opening the Internet Explorer browser. An exploit could allow the attacker to use Internet Explorer with the privileges of the SYSTEM user. This may allow the attacker to execute privileged commands on the targeted system. This vulnerability affects versions prior to released versions 4.4.00243 and later and 4.3.05017 and later. Cisco Bug IDs: CSCvc43976.

Published

2017-02-09T17:59:00.187

Last Modified

2025-04-20T01:37:25.860

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 7.8 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Secondary
CWE-264
Type: Primary
CWE-862

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	cisco	anyconnect_secure_mobility_client	4.0.00048	Yes
Application	cisco	anyconnect_secure_mobility_client	4.0.00051	Yes
Application	cisco	anyconnect_secure_mobility_client	4.0.00052	Yes
Application	cisco	anyconnect_secure_mobility_client	4.0.00057	Yes
Application	cisco	anyconnect_secure_mobility_client	4.0.00061	Yes
Application	cisco	anyconnect_secure_mobility_client	4.1.00028	Yes
Application	cisco	anyconnect_secure_mobility_client	4.1.02011	Yes
Application	cisco	anyconnect_secure_mobility_client	4.1.04011	Yes
Application	cisco	anyconnect_secure_mobility_client	4.1.06013	Yes
Application	cisco	anyconnect_secure_mobility_client	4.1.06020	Yes
Application	cisco	anyconnect_secure_mobility_client	4.1.08005	Yes
Application	cisco	anyconnect_secure_mobility_client	4.2.00096	Yes
Application	cisco	anyconnect_secure_mobility_client	4.2.01022	Yes
Application	cisco	anyconnect_secure_mobility_client	4.2.01035	Yes
Application	cisco	anyconnect_secure_mobility_client	4.2.02075	Yes
Application	cisco	anyconnect_secure_mobility_client	4.2.03013	Yes
Application	cisco	anyconnect_secure_mobility_client	4.2.04018	Yes
Application	cisco	anyconnect_secure_mobility_client	4.2.04039	Yes
Application	cisco	anyconnect_secure_mobility_client	4.2.05015	Yes
Application	cisco	anyconnect_secure_mobility_client	4.2.06014	Yes
Application	cisco	anyconnect_secure_mobility_client	4.3.00748	Yes
Application	cisco	anyconnect_secure_mobility_client	4.3.01095	Yes
Application	cisco	anyconnect_secure_mobility_client	4.3.02039	Yes
Application	cisco	anyconnect_secure_mobility_client	4.3.03086	Yes
Application	cisco	anyconnect_secure_mobility_client	4.3.04027	Yes

References

http://www.securityfocus.com/bid/96145 ([email protected])
http://www.securitytracker.com/id/1037796 ([email protected])
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170208-anyconnect Vendor Advisory ([email protected])
https://www.exploit-db.com/exploits/41476/ ([email protected])
http://www.securityfocus.com/bid/96145 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1037796 (af854a3a-2127-422b-91ae-364da2661108)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170208-anyconnect Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/41476/ (af854a3a-2127-422b-91ae-364da2661108)