This module enables the VPN client to identify the operating system, antivirus, anti-spyware, and firewall software installed on the host. That lead to an investigation by the Core Security team to find additional vulnerabilities on the program.Īfter some digging, we found there was a service listening in localhost on port 1023: The Security Service of An圜onnect Posture (ciscod.exe).Ĭisco An圜onnect Posture is an optional module that you can install along with An圜onnect Secure Mobility Client. The next day, he published a follow-up blogpost on github. ![]() ![]() On August 5th, ethical hacker and cybersecurity professional Antoine Goichot posted on twitter that three vulnerabilities he had discovered on Cisco An圜onnect (CVE-2020-3433, CVE-2020-3434, and CVE-2020-3435) were now public.
0 Comments
Leave a Reply. |