CVE-2016-9192

Published: Dec 14, 2016Modified: May 6, 2026

7.8

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account. More Information: CSCvb68043. Known Affected Releases: 4.3(2039) 4.3(748). Known Fixed Releases: 4.3(4019) 4.4(225).

Affected (20)

Products: Cisco: Anyconnect Secure Mobility Client

Cisco

1 product

Anyconnect Secure Mobility Client

Configuration A

20 vulnerable

Vulnerable Software	Affected Versions
Cisco Anyconnect Secure Mobility Client	Version 3.1.02043
Cisco Anyconnect Secure Mobility Client	Version 3.1.05182
Cisco Anyconnect Secure Mobility Client	Version 3.1.05187
Cisco Anyconnect Secure Mobility Client	Version 3.1.06073
Cisco Anyconnect Secure Mobility Client	Version 3.1.07021
Cisco Anyconnect Secure Mobility Client	Version 3.1.0
Cisco Anyconnect Secure Mobility Client	Version 3.1(60)
Cisco Anyconnect Secure Mobility Client	Version 4.0.00048
Cisco Anyconnect Secure Mobility Client	Version 4.0.00051
Cisco Anyconnect Secure Mobility Client	Version 4.0.0
Cisco Anyconnect Secure Mobility Client	Version 4.0(2049)
Cisco Anyconnect Secure Mobility Client	Version 4.0(48)
Cisco Anyconnect Secure Mobility Client	Version 4.0(64)
Cisco Anyconnect Secure Mobility Client	Version 4.1.0
Cisco Anyconnect Secure Mobility Client	Version 4.1(8)
Cisco Anyconnect Secure Mobility Client	Version 4.2.04039
Cisco Anyconnect Secure Mobility Client	Version 4.2.0
Cisco Anyconnect Secure Mobility Client	Version 4.3.00748
Cisco Anyconnect Secure Mobility Client	Version 4.3.01095
Cisco Anyconnect Secure Mobility Client	Version 4.3.0