Cisco Releases Security Updates for Multiple Products

Updates address one High severity vulnerability in AnyConnect Secure Mobility Client Software and Secure Client Software in addition to four other vulnerabilities

Threat ID:: CC-4344
Threat Severity:: Information only
Published:: 22 June 2023 3:59 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Updates address one High severity vulnerability in AnyConnect Secure Mobility Client Software and Secure Client Software in addition to four other vulnerabilities

Affected platforms

The following platforms are known to be affected:

Versions: 4.10 and earlier

Cisco AnyConnect Secure Mobility Client

Versions: 2.0.0

Cisco Duo Two-Factor Authentication for macOS

Versions: Cisco AsyncOS Release 15.0 and earlier

Cisco Secure Email and Web Manager

Versions: Cisco AsyncOS Release 15.0 and earlier

Cisco Secure Email Gateway

Versions: Cisco AsyncOS Release 15.0 and earlier

Cisco Secure Web Appliance

Versions: 5.0

Cisco Secure Client for Windows

Threat details

Introduction

Cisco has released security updates to address one High and four Medium severity vulnerabilities.

The High severity vulnerability involves the client update feature of AnyConnect Secure Mobility Client Software for Windows and Secure Client Software for Windows, and could allow a low-privileged, authenticated, local attacker to escalate privileges.

The vulnerability known as CVE-2023-20199 involves Duo Two-Factor Authentication for macOS, which could allow an authenticated, physical attacker to bypass secondary authentication and access an affected macOS device.

Multiple vulnerabilities in the web-based management interface of AsyncOS Software for Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow the attacker to execute arbitrary script code.

Proof-of-concept released for CVE-2023-20178

A proof-of-concept has been released for CVE-2023-20178, a privilege escalation vulnerability in AnyConnect Secure Mobility Client Software for Windows and Secure Client Software for Windows. Exploitation is more likely.

Remediation advice

Affected organisations are encouraged to review the following Cisco Security Advisories for more information.

Remediation steps

Type	Step
Patch	Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows Privilege Escalation Vulnerability \| cisco-sa-ac-csc-privesc-wx4U4Kw https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw
Patch	Cisco Secure Email Gateway, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Cross-Site Scripting Vulnerabilities \| cisco-sa-esa-sma-wsa-xss-cP9DuEmq https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-cP9DuEmq
Patch	Cisco Duo Two-Factor Authentication for macOS Authentication Bypass Vulnerability \| cisco-sa-duo-mac-bypass-OyZpVPnx https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-mac-bypass-OyZpVPnx

Definitive source of threat updates

https://sec.cloudapps.cisco.com/security/center/publicationListing.x

CVE Vulnerabilities

CVE-2023-20178

CVE-2023-20199

CVE-2023-20119

CVE-2023-20028

CVE-2023-20120

Last edited: 22 June 2023 3:59 pm