Threat Post

Cisco Zero-Day in AnyConnect Secure Mobility Client Remains Unpatched

Cisco also disclosed high-severity vulnerabilities in its Webex and SD-WAN products. Cisco has disclosed a zero-day vulnerability – for which there is not yet a patch – in the Windows, macOS and Linux ...
Bleeping Computer

Exploit released for Cisco AnyConnect bug giving SYSTEM privileges

Proof-of-concept exploit code is now available for a high-severity flaw in Cisco Secure Client Software for Windows (formerly AnyConnect Secure Mobility Client) that can let attackers elevate ...
Bleeping Computer

Cisco fixes 6-month-old AnyConnect VPN zero-day with exploit code

Cisco has fixed a six-month-old zero-day vulnerability found in the Cisco AnyConnect Secure Mobility Client VPN software, with publicly available proof-of-concept exploit code. The company's ...
PC World

Cisco fixes privilege escalation flaws in AnyConnect Secure Mobility Client

The Cisco AnyConnect Secure Mobility Client has been updated to fix vulnerabilities that could allow attackers to gain system or root privileges on Windows, Linux and Mac OS X computers. The ...
Ars Technica

iOS 12.x/Cisco AnyConnect Secure Mobility

At my shop, we previously used the Legacy Cisco AnyConnect Secure Mobility client. With the advent of iOS 12.x, while we're able to successfully complete enrollment in two-factor, the certificates are ...