The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Cisco Secure Desktop

vulnerability announcement CVE-2015-0691

Cisco Secure Desktop: code execution via Cache Cleaner

Synthesis of the vulnerability

An attacker can invite the victim to connect to a malicious site that uses cache.jar (Cache Cleaner) of Cisco Secure Desktop, in order to execute code.
Impacted products: Cisco Secure Desktop.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights.
Provenance: internet server.
Creation date: 15/04/2015.
Identifiers: CERTFR-2015-AVI-176, cisco-sa-20150415-csd, CSCup83001, CVE-2015-0691, VIGILANCE-VUL-16632.

Description of the vulnerability

The Cisco Secure Desktop product uses Cache Cleaner to delete the cache of the web browser.

The cache.jar archive is signed by Cisco. However, the Cache Cleaner application in this JAR contains a vulnerability.

An attacker can therefore invite the victim to connect to a malicious site that uses cache.jar (Cache Cleaner) of Cisco Secure Desktop, in order to execute code.

vulnerability bulletin CVE-2012-4655

Cisco Secure Desktop: code execution via ActiveX/Applet

Synthesis of the vulnerability

When the Cisco Secure Desktop ActiveX (or the Java applet) is installed on the victim's computer, an attacker can invite the victim to display a malicious HTML page that loads this ActiveX and executes code on the victim's computer.
Impacted products: Cisco AnyConnect Secure Mobility Client, AnyConnect VPN Client, Cisco Secure Desktop.
Severity: 3/4.
Consequences: user access/rights.
Provenance: document.
Creation date: 20/09/2012.
Identifiers: BID-55606, cisco-sa-20120620-ac, CSCtz76128, CSCtz78204, CVE-2012-4655, VIGILANCE-VUL-11963.

Description of the vulnerability

The Cisco Secure Desktop product uses an ActiveX or a Java applet, which is called from the user's web browser. Both components are signed by Cisco, so they are loaded with no warning.

However, these components do not correctly check their parameters, so an attacker can upload code and execute it via WebLaunch.

When the Cisco Secure Desktop ActiveX (or the Java applet) is installed on the victim's computer, an attacker can therefore invite the victim to display a malicious HTML page that loads this ActiveX and executes code on the victim's computer.

vulnerability bulletin CVE-2011-0925 CVE-2011-0926

Cisco Secure Desktop: code execution via CSDWebInstallerCtrl

Synthesis of the vulnerability

An attacker can invite the victim to open an HTML page calling the Cisco Secure Desktop CSDWebInstallerCtrl ActiveX, in order to execute code on the victim's computer.
Impacted products: Cisco Secure Desktop, IE.
Severity: 3/4.
Consequences: user access/rights.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 24/02/2011.
Identifiers: 22528, 22529, BID-46536, BID-46538, CSCti97720, CSCtj03005, CVE-2011-0925, CVE-2011-0926, VIGILANCE-VUL-10393, ZDI-11-091, ZDI-11-092.

Description of the vulnerability

The Cisco Secure Desktop product installs the CSDWebInstaller.ocx ActiveX, which can be instantiated in Internet Explorer. This ActiveX handles the installation. It is impacted by two vulnerabilities.

The ActiveX does not check the signature of the downloaded and executed program. An attacker can therefore force the download and the execution of a malicious program. [severity:3/4; 22529, BID-46536, CSCti97720, CVE-2011-0926, ZDI-11-091]

An attacker can rename a file signed by Cisco to "inst.exe", in order to force the execution of code by cleaner.cab. [severity:3/4; 22528, BID-46538, CSCtj03005, CVE-2011-0925, ZDI-11-092]

An attacker can therefore invite the victim to open an HTML page calling the Cisco Secure Desktop CSDWebInstallerCtrl ActiveX, in order to execute code on the victim's computer.

vulnerability alert CVE-2010-0589

Cisco Secure Desktop: code execution

Synthesis of the vulnerability

An attacker can invite the victim to view an HTML page calling the Cisco Secure Desktop ActiveX, in order to execute a program on the victim's computer.
Impacted products: Cisco Secure Desktop.
Severity: 3/4.
Consequences: user access/rights.
Provenance: document.
Creation date: 14/04/2010.
Identifiers: 111723, 111840, BID-39478, CERTA-2010-AVI-180, cisco-amb-20100414-csd, cisco-sa-20100414-csd, CSCta25876, CVE-2010-0589, VIGILANCE-VUL-9591, ZDI-10-072.

Description of the vulnerability

Cisco Secure Desktop installs an ActiveX which downloads a program. This ActiveX checks the program's signature, and then executes it.

However, the ActiveX does not correctly check the integrity of the program. An attacker can thus change this program.

An attacker can therefore invite the victim to view an HTML page calling the Cisco Secure Desktop ActiveX, in order to execute a program on the victim's computer.

computer vulnerability bulletin CVE-2010-0440

Cisco ASA, Secure Desktop: Cross Site Scripting

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting in Cisco Secure Desktop.
Impacted products: ASA, Cisco Secure Desktop.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 02/02/2010.
Identifiers: 19843, BID-37960, CERTA-2010-AVI-042, CORE-2010-0106, CVE-2010-0440, VIGILANCE-VUL-9398.

Description of the vulnerability

The Cisco Secure Desktop product is used to check the security level of computers connecting to the VPN.

The https://computer/+CSCOT+/translation page of CSD generates a variable containing the translated text.

However, posted parameters are not filtered before being displayed.

An attacker can therefore trigger a Cross Site Scripting in Cisco Secure Desktop.