Auto-merge PR#4542

2025-06-08 05:58:08 +00:00 · 2020-08-17 14:07:04 -04:00 · 2020-08-17 14:07:04 -04:00 · e169c4d0d7
commit e169c4d0d7
parent c71328959a 101b471b26
1 changed files with 75 additions and 7 deletions
--- a/2020/3xxx/CVE-2020-3433.json
+++ b/2020/3xxx/CVE-2020-3433.json
@ -1,18 +1,86 @@
 {
    "data_type": "CVE",
    "data_format": "MITRE",
    "data_version": "4.0",
    "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "DATE_PUBLIC": "2020-08-05T16:00:00",
        "ID": "CVE-2020-3433",
-        "ASSIGNER": "cve@mitre.org",
+        "STATE": "PUBLIC",
-        "STATE": "RESERVED"
+        "TITLE": "Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Cisco AnyConnect Secure Mobility Client ",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "n/a"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "Cisco"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "\r A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system.\r The vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system.\r "
            }
        ]
    },
    "exploit": [
        {
            "lang": "eng",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
        }
    ],
    "impact": {
        "cvss": {
            "baseScore": "7.8",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ",
            "version": "3.0"
        }
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-427"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "20200805 Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability",
                "refsource": "CISCO",
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dll-F26WwJW"
            }
        ]
    },
    "source": {
        "advisory": "cisco-sa-anyconnect-dll-F26WwJW",
        "defect": [
            [
                "CSCvu14943"
            ]
        ],
        "discovery": "INTERNAL"
    }
 }