Cisco Releases Security Advisory for Vulnerability in AnyConnect Software

Original release date: December 7, 2020

Cisco has released a security advisory on an Arbitrary Code Execution vulnerability—CVE-2020-3556—affecting Cisco AnyConnect Secure Mobility Client devices. A remote attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Security Advisory and apply the necessary updates or workarounds.

This product is provided subject to this Notification and this Privacy & Use policy.