CVE-2021-1429: 
Cisco AnyConnect Secure Client vulnerability analysis and mitigation

A vulnerability in the upgrade process of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform an executable hijacking attack on an affected device. The vulnerability (CVE-2021-1429) exists because a temporary file with insecure permissions is created during the upgrade process. This vulnerability affects Cisco AnyConnect Secure Mobility Client for Windows versions earlier than 4.10.00093 (Cisco Advisory).

The vulnerability occurs when a temporary file with insecure permissions is created during the upgrade process. An attacker could exploit this vulnerability by overwriting the temporary file before it is accessed for execution. The vulnerability has been assigned a CVSS Base Score of 7.0 with the vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating a high severity level (Cisco Advisory).

A successful exploit could allow the attacker to execute arbitrary code on the affected device with SYSTEM privileges. The attacker must have valid credentials on the Windows system to exploit this vulnerability (Cisco Advisory).

Cisco has released software updates that address this vulnerability in version 4.10.00093. There are no workarounds that address this vulnerability. Customers are advised to upgrade to an appropriate fixed software release (Cisco Advisory).