Vigil@nce - Cisco AnyConnect Secure Mobility Client: privilege escalation via Identity Services Engine
August 2015 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use the Identity Services Engine of Cisco AnyConnect
Secure Mobility Client to escalate his privileges.
Impacted products: Cisco AnyConnect Secure Mobility Client,
AnyConnect VPN Client
Severity: 2/4
Creation date: 01/06/2015
DESCRIPTION OF THE VULNERABILITY
The Cisco AnyConnect Secure Mobility Client product uses the Cisco
Identity Services Engine (ISE).
However, a local attacker can bypass the access restrictions of ISE
in order to execute privileged commands.
An attacker can therefore use the Identity Services Engine of Cisco
AnyConnect Secure Mobility Client to escalate his privileges.