Cisco Secure Client Software for Windows, previously known as AnyConnect Secure Mobility Client, has a significant vulnerability (CVE-2023-20178) that enables attackers to elevate their privileges to the SYSTEM account without requiring any user interaction. Cisco has responded promptly by releasing security updates to address this issue. To demonstrate the severity of the vulnerability, a researcher has published proof-of-concept exploit code showcasing arbitrary file deletion and privilege escalation. Security weaknesses in Cisco AnyConnect have also been noted in the past.
To safeguard against this vulnerability, organizations are strongly advised to promptly update their Cisco Secure Client Software. By applying the provided security updates, organizations can protect their systems from potential exploitation and ensure the integrity of their environments.
Relevant URL: https://www.bleepingcomputer.com/news/security/exploit-released-for-cisco-anyconnect-bug-giving-system-privileges/