CVE-2021-1567: 
Cisco AnyConnect Secure Client vulnerability analysis and mitigation

A vulnerability (CVE-2021-1567) was discovered in the DLL loading mechanism of Cisco AnyConnect Secure Mobility Client for Windows with VPN Posture (HostScan) Module. The vulnerability was disclosed on June 16, 2021, affecting Cisco AnyConnect Secure Mobility Client for Windows releases earlier than Release 4.10.01075 when the VPN Posture (HostScan) Module is installed (Cisco Advisory).

The vulnerability stems from a race condition in the signature verification process for DLL files that are loaded on an affected device. It has been assigned CWE-367 (Time-of-check Time-of-use Race Condition) and received a CVSS v3.1 base score of 7.0 (High), with the vector string CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H (Cisco Advisory).

A successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the affected device with SYSTEM privileges. This level of access would enable the attacker to install programs, view or modify data, and create new accounts with full user rights (Cisco Advisory).

Cisco has released software updates that address this vulnerability in Cisco AnyConnect Secure Mobility Client for Windows releases 4.10.01075 and later. No workarounds are available for this vulnerability, making it critical for affected users to update to the patched version (Cisco Advisory).

The vulnerability was responsibly disclosed by security researchers Marcos Accossatto and Pablo Zurro of Core Security. The discovery and patching of this vulnerability were part of a broader security update that addressed multiple Cisco products (Threatpost).