Volerion logoVolerion
Volerion logoVolerion

Cisco AnyConnect Secure Mobility Client for Mac OS File Corruption Vulnerability

Vulnerability

A vulnerability exists in the uninstaller component of Cisco AnyConnect Secure Mobility Client for Mac OS, prior to version 4.9.00086. This vulnerability allows an authenticated, local attacker to corrupt the content of any file in the filesystem. The issue arises from improper handling of directory paths, enabling an attacker to create a symbolic link to a target file. Exploitation could lead to corruption of the file's contents, and if a critical system file is targeted, it could cause a denial-of-service condition.

Impact

Exploitation of this vulnerability could result in unauthorized file corruption, potentially leading to a denial-of-service condition if critical system files are affected.

Remediation

Users can upgrade to Cisco AnyConnect Secure Mobility Client for Mac OS version 4.9.00086 or later to address this vulnerability. For guidance on software upgrades, consult the Cisco Security Vulnerability Policy or contact the Cisco Technical Assistance Center (TAC).

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread
6.6
impact
6.7
exploitability
3.3
remediation
7.7
relevance
0.0
threat
0.0
urgency
2.9
incentive
0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.