Cisco has released security updates to address vulnerabilities in multiple Cisco products.

Cisco has released security updates to address dangerous vulnerabilities (CVE-2020-3433, CVE-2020-3153) in Cisco AnyConnect Secure Mobility Client for Windows. An attacker could exploit these vulnerabilities to execute arbitrary code on the affected machine and copy malicious files to arbitrary locations with system level privileges. Cisco reports that these vulnerabilities are likely to be exploited in the wild and recommends that customers upgrade to a fixed software release to remediate the vulnerabilities.

Details on all of the addressed vulnerabilities are available on Cisco’s security portal - cisco.com.