Advertisement
Top
image credit: Adobe Stock

Hackers Actively Exploiting Cisco AnyConnect and GIGABYTE Drivers Vulnerabilities

October 26, 2022

Via: The Hacker News
Category:

Cisco has warned of active exploitation attempts targeting a pair of two-year-old security flaws in the Cisco AnyConnect Secure Mobility Client for Windows.

Tracked as CVE-2020-3153 (CVSS score: 6.5) and CVE-2020-3433 (CVSS score: 7.8), the vulnerabilities could enable local authenticated attackers to perform DLL hijacking and copy arbitrary files to system directories with elevated privileges.

While CVE-2020-3153 was addressed by Cisco in February 2020, a fix for CVE-2020-3433 was shipped in August 2020.

Read More on The Hacker News

RELATED PUBLICATIONS

Nearly 4-year-old Cisco vuln linked to recent Akira ransomware attacks
VPN users beware — security flaws are being exploited to spread dangerous malware
Multiple flaws in pfSense firewall can lead to arbitrary code execution

Latest Publications

Google fixed critical Chrome vulnerability CVE-2024-4058
North Korean Hackers Hijack Antivirus Updates for Malware Delivery
AI set to play key role in future phishing attacks
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!