CVE-2020-3556 | Cisco AnyConnectËÁÒâ´úÂëÖ´Ðзì϶¹«¸æ

°ä²¼¹¦·ò 2020-11-05

0x00 ·ì϶¸ÅÊö

CNVD   ID

CVE-2020-3556

ʱ    ¼ä

2020-11-05

Àà    ÐÍ

´úÂëÖ´ÐÐ

µÈ    ¼¶

¸ßΣ

Ô¶³ÌÀûÓÃ

ÊÇ

Ó°ÏìÁìÓò

AnyConnect¿Í»§¶Ë£ºLinux°æ±¾

MacOS°æ±¾

Windows°æ

 

0x01 ·ì϶ÏêÇé

 

image.png

2020Äê11ÔÂ04ÈÕ£¬Cisco°ä²¼Éæ¼°Æä¶à¸ö²úÆ·µÄ25¸ö°²È«¸üУ¬ÆäÖÐÓÐ12¸ö·ì϶ÆÀ¼¶Îª¸ßΣ£¬13¸ö·ì϶ÆÀ¼¶ÎªÖÐΣ ¡£

ÆäÖÐÖµÍ×ÌùÐĵÄÊÇCisco AnyConnect Secure Mobility ClientÖеÄÒ»¸ö0day·ì϶£¨CVE-2020-3556£©£¬ÆäCVSSÆÀ·Ö7.3 ¡£CiscoÒѾ­¹«¿ªÁË´Ë·ì϶µÄPoC ¡£

¸Ã·ì϶λÓÚCisco AnyConnect¿Í»§¶ËµÄ¹ý³Ì¼äͨѶ£¨IPC£©Í¨Â·ÖУ¬ÓÉÓÚ²»×ã¶ÔIPCÕìÌýÆ÷µÄÉí·ÝÑéÖ¤£¬¹¥»÷ÕßÄܹ»·¢ËͶñÒâIPCÐÂÎŵ½AnyConnect¿Í»§¶ËµÄIPCÕìÌýÆ÷À´½øÐй¥»÷ ¡£³É¹¦ÀûÓô˷ì϶¿ÉÄܵ¼Ö¹¥»÷ÕßÓÕʹָ±êAnyConnectÓû§Ö´ÐжñÒâ¾ç±¾ ¡£

CiscoÒÑÈ·ÈÏ´Ë·ì϶²»»áÓ°ÏìApple iOSºÍAndroidÉϵÄCisco AnyConnect¿Í»§¶Ë ¡£

0x02 ´ëÖý¨Òé

¹Ù·½ÔÝδ°ä²¼´Ë·ì϶µÄ²¹¶¡ ¡£

»º½â´ëÊ©£º

½ûÓÃ×Ô¶¯¸üÐÂÖ°ÄÜ ¡£

²Î¿¼Ïνӣº

https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect49/administration/guide/b_AnyConnect_Administrator_Guide_4-9/deploy-anyconnect.html?bookSearch=true#ID-1425-00000455

ÈôÊÇÎÞ·¨½ûÓÃ×Ô¶¯¸üÐÂÖ°ÄÜ£¬Ôò½ûÓá°ÆôÓþ籾¡±ÅäÖà ¡£

²Î¿¼Á´½Ó£º

https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect49/administration/guide/b_AnyConnect_Administrator_Guide_4-9/anyconnect-profile-editor.html?bookSearch=true#ID-1430-000000c8


0x03 ²Î¿¼Á´½Ó

https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir#~Vulnerabilities

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-ipc-KfQO9QhK

https://securityaffairs.co/wordpress/110414/security/zero-day-cisco-anyconnect-secure-mobility-client.html?


0x04 ¹¦·òÏß

2020-11-04  Cisco°ä²¼°²È«²¼¸æ

2020-11-05  VSRC°ä²¼°²È«¹«¸æ

 

0x05 ¸½Â¼

 

CVSSÆÀ·Ö³ß¶È¹ÙÍø£ºhttp://www.first.org/cvss/

 

 image.png