Exploitation of the Cisco AnyConnect LPE vulnerability CVE-2023-20178
First, I tried to test the PoC on Windows 8.1 Pro build 9600 and found that it did not work. The tested AnyConnect version is 5.0.01242.
Then I moved to Windows 10 Pro, version 10.0.19045 (build 19045).
The process is simple. From the GitHub link below, you need to build the PoC code into an executable. If you need any help with how to do that, let me know. I will explain that later.
Now follow these steps:
- Launch a PowerShell session and run the executable, in this case .\Project5.exe
- Connect to your VPN.
- Now wait a few seconds; you will see a command-line shell spawn with SYSTEM-level privileges.
- Now you can do anything on that system.
Cisco has released a patch for this vulnerability, so patch your vulnerable AnyConnect software. It's a big threat for insider attacks.
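For hosts that cannot be patched immediately, the visible outcome of the steps above (a command shell running as SYSTEM on the logged-in user's desktop) is something process-creation telemetry can catch. The following is an added example, not part of the original post or of the PoC: the records are constructed samples shaped like Sysmon process-creation events, and the `LAB\alice` account, paths and timestamps are assumptions.

```python
"""Flag interactive shells that start as SYSTEM inside a user's desktop session."""
import json
from pathlib import PureWindowsPath

SHELLS = {"cmd.exe", "powershell.exe", "pwsh.exe"}
SYSTEM = "nt authority\\system"

# Constructed sample records (not real telemetry), one JSON object per line.
SAMPLE_EVENTS = r'''
{"UtcTime":"2023-06-20 09:14:02","Image":"C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe","User":"LAB\\alice","TerminalSessionId":1}
{"UtcTime":"2023-06-20 09:14:10","Image":"C:\\Users\\alice\\Desktop\\Project5.exe","User":"LAB\\alice","TerminalSessionId":1}
{"UtcTime":"2023-06-20 09:14:30","Image":"C:\\Windows\\System32\\cmd.exe","User":"NT AUTHORITY\\SYSTEM","TerminalSessionId":0}
{"UtcTime":"2023-06-20 09:15:41","Image":"C:\\Windows\\System32\\cmd.exe","User":"NT AUTHORITY\\SYSTEM","TerminalSessionId":1}
'''


def find_system_shells(lines):
    """Return SYSTEM-owned shells created in a non-zero (interactive) session."""
    session_users = {}  # session id -> non-SYSTEM accounts already seen there
    hits = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        ev = json.loads(line)
        sid = int(ev["TerminalSessionId"])
        name = PureWindowsPath(ev["Image"]).name.lower()
        if ev["User"].lower() != SYSTEM:
            session_users.setdefault(sid, set()).add(ev["User"])
            continue
        # Session 0 hosts services; a SYSTEM shell there is not a desktop shell.
        if sid != 0 and name in SHELLS:
            hits.append({
                "time": ev["UtcTime"],
                "image": name,
                "session": sid,
                # Accounts active in that session, for the analyst's triage.
                "session_users": sorted(session_users.get(sid, ())),
            })
    return hits


if __name__ == "__main__":
    for hit in find_system_shells(SAMPLE_EVENTS.splitlines()):
        print("ALERT:", hit)
```

The rule keys on the session ID rather than on any parent process, because the post does not say which process spawns the shell.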
LinkedIn:
https://www.linkedin.com/in/md-mahimbin-firoj-7b8a5a113/