virus logo Endpoint Vulnerability

Cisco AnyConnect Secure Mobility Client CVE-2021-1496 Privilege Escalation Vulnerability

description-logoDescription

In Cisco AnyConnect Secure Mobility Client for Windows, authenticated local users can hijack DLL or executable files during install, uninstall, or upgrade, enabling arbitrary code execution with SYSTEM privileges.

affected-products-logoAffected Applications

Cisco AnyConnect Secure Mobility Client

Version Updates

Date Version Status Detail
2024-02-01 1.00623
Modified
 Cisco AnyConnect Secure Mobility Client
2024-01-29 1.00620
Modified
 Cisco AnyConnect Secure Mobility Client
2022-01-20 1.00288
New
 Cisco AnyConnect Secure Mobility Client

References

https://tools.cisco.com/security/center/publicationListing
ID 4011
Created Jan 12, 2022
Description
Updated		 Jan 16, 2026
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Cisco
Patch manual
Application Cisco AnyConnect Secure Mobility Client