Cisco recently addressed a high-severity security flaw in its Secure Client software that could be exploited by threat actors to open a VPN session with a targeted user.
The vulnerability, tracked as CVE-2024-20337 (CVSS score: 8.2), enables an unauthenticated, remote attacker to carry out a carriage return line feed (CRLF) injection attack against a user by taking advantage of inadequate validation of user-supplied input.
Because of this flaw, a threat actor could trick a user into clicking a specially crafted link during VPN session setup, potentially executing arbitrary script code in the browser or accessing sensitive information such as a valid SAML token.
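The missing input validation described above can be checked for from the defender's side, both in request logs and at the point where user input reaches a response header. The following is an added example, not Cisco's code: the log format, the host `vpn.example.com`, the `next` parameter and the `X-Test` header are constructed for illustration.

```python
from urllib.parse import unquote

MAX_DECODE_ROUNDS = 3  # assumption: enough to unwrap double/triple encoding

# Constructed proxy log lines: timestamp, client IP, method, URL.
SAMPLE_LOG = [
    "2024-03-08T10:02:11Z 10.0.0.5 GET https://vpn.example.com/login?next=%2Fportal",
    "2024-03-08T10:02:40Z 10.0.0.7 GET https://vpn.example.com/login?next=%0d%0aX-Test:%201",
    "2024-03-08T10:03:02Z 10.0.0.9 GET https://vpn.example.com/login?next=%250D%250AX-Test:%201",
]


def fully_decode(value, rounds=MAX_DECODE_ROUNDS):
    """Percent-decode repeatedly until the value stops changing."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def has_crlf(value):
    """True if the value contains CR or LF, raw or percent-encoded."""
    decoded = fully_decode(value)
    return "\r" in decoded or "\n" in decoded


def flag_requests(log_lines):
    """Return the URLs from log lines whose URL decodes to a CR or LF."""
    flagged = []
    for line in log_lines:
        url = line.split(" ", 3)[3]  # fourth field is the request URL
        if has_crlf(url):
            flagged.append(url)
    return flagged


def safe_header_value(value):
    """Server-side guard: refuse to place CR/LF-bearing input in a header."""
    if has_crlf(value):
        raise ValueError("CR/LF in header value")
    return value


if __name__ == "__main__":
    for url in flag_requests(SAMPLE_LOG):
        print("CRLF sequence in request URL:", url)
```

Decoding more than once matters because a single pass leaves a double-encoded `%250D%250A` looking harmless.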
Cisco has released patches for Secure Client for Windows, Linux, and macOS to address this issue, with specific versions indicated for each platform.
In addition, another high-severity flaw (CVE-2024-20338, CVSS score: 7.3) in Secure Client for Linux was fixed in version 5.1.2.42, preventing an authenticated, local attacker from escalating privileges on a compromised device.
The discovery of these vulnerabilities was credited to Amazon security researcher Paulos Yibelo Mesfin, who highlighted the potential threat of attackers gaining access to internal networks via websites under their control.