The update functionality of the Cisco AnyConnect Secure Mobility Client for Windows is affected by a path traversal vulnerability that allows local attackers to create/overwrite files on arbitrary locations and gain system privileges with an uncontolled serach path vulnerability.
CVE Link
Exploit Platform
Exploit Type
Product Name