CVE-2020-3433

Cisco AnyConnect Secure Mobility Client for Windows interprocess communication (IPC) channel allows for insufficient validation of resources that are loaded by the application at run time. An attacker with valid credentials on Windows could execute code on the affected machine with SYSTEM privileges. Vendor/Product: Cisco AnyConnect Secure. Added to CISA KEV 2022-10-24; required action: Apply updates per vendor instructions.