Cisco Releases Security Advisory for Vulnerability in AnyConnect Software

Original release date: December 7, 2020 | Last revised: December 8, 2020

Cisco has released security updates to address vulnerabilities in AnyConnect Secure Mobility Client Software and Security Manager. An attacker could exploit these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates or workarounds.

AnyConnect Secure Mobility Client Arbitrary Code Execution Vulnerability
cisco-sa-anyconnect-ipc-KfQO9QhK
Security Manager Java Deserialization Vulnerabilities
cisco-sa-csm-java-rce-mWJEedcD

This product is provided subject to this Notification and this Privacy & Use policy.