VULHUB ™

The Cisco VPN client could allow a local attacker to escalate their privilege level. When the VPN client is set to start prior to logon, it runs with local System privileges. It is possible to replace a VPN client binary with an arbitrary executable, such as 'explorer.exe'. This will be run prior to logon. This is a variant of the issue described in BID 7599.

The Cisco VPN client could allow a local attacker to escalate their privilege level. When the VPN client is set to start prior to logon, it runs with local System privileges. It is possible to replace a VPN client binary with an arbitrary executable, such as 'explorer.exe'. This will be run prior to logon. This is a variant of the issue described in BID 7599.