Threat Post

Cisco Zero-Day in AnyConnect Secure Mobility Client Remains Unpatched

Cisco also disclosed high-severity vulnerabilities in its Webex and SD-WAN products. Cisco has disclosed a zero-day vulnerability – for which there is not yet a patch – in the Windows, macOS and Linux ...
Bleeping Computer

Cisco discloses AnyConnect VPN zero-day, exploit code available

Cisco has disclosed today a zero-day vulnerability in the Cisco AnyConnect Secure Mobility Client software with proof-of-concept exploit code publicly available. While security updates are not yet ...
Bleeping Computer

Cisco fixes 6-month-old AnyConnect VPN zero-day with exploit code

Cisco has fixed a six-month-old zero-day vulnerability found in the Cisco AnyConnect Secure Mobility Client VPN software, with publicly available proof-of-concept exploit code. The company's ...
Threat Post

High-Severity Cisco Flaw Found in CMX Software For Retailers

Cisco fixed high-severity flaws tied to 67 CVEs overall, including ones found inits AnyConnect Secure Mobility Client and in its RV110W, RV130, RV130W, and RV215W small business routers. A ...
Dark Reading

Cisco Warns AnyConnect VPNs Under Active Cyberattack

A pair of known security vulnerabilities in the Cisco AnyConnect Secure Mobility Client for Windows is being actively exploited in the wild, despite being patched for two-plus years. The networking ...
Ars Technica

Two Factor VPN Certs Not Recognized by iOS/Cisco Secure AnyConnect App

At my shop, we previously used the Legacy Cisco AnyConnect Secure Mobility client. With the advent of iOS 12.x, while we're able to successfully complete enrollment in two-factor, the certificates are ...