Cisco has taken action to address a significant security vulnerability in its Secure Client software that could compromise VPN sessions. The flaw, tracked as CVE-2024-20337 with a CVSS score of 8.2, allows a remote attacker to conduct a carriage return line feed (CRLF) injection attack against a user. To exploit it, a threat actor would have to get a user to click a specially crafted link; a successful exploit leads to arbitrary script code execution in the browser and access to sensitive information, including valid SAML tokens.
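For defenders reviewing web-proxy or mail-gateway logs, the sketch below flags links whose path, query or fragment decodes to a carriage return or line feed, including double-encoded forms. It is an added example, not Cisco's code or a signature taken from the advisory: it matches the general CRLF-injection pattern only, and the log layout, host name and function names are assumptions.

```python
from urllib.parse import unquote, urlsplit

MAX_DECODE_ROUNDS = 3  # assumption: enough to unwrap single and double encoding

# Constructed sample lines in a hypothetical "timestamp user url" layout.
SAMPLE_LOG = """\
2024-03-08T09:14:02Z alice https://vpn.example.test/portal?next=/home
2024-03-08T09:15:40Z bob https://vpn.example.test/login?ref=a%0D%0Ab
2024-03-08T09:16:11Z carol https://vpn.example.test/login?ref=a%250d%250ab
2024-03-08T09:17:30Z dave https://vpn.example.test/docs/100%25-uptime
"""

def fully_decode(value, rounds=MAX_DECODE_ROUNDS):
    """Percent-decode repeatedly until the value stops changing."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def crlf_findings(url):
    """Return the URL components whose decoded form contains CR or LF."""
    parts = urlsplit(url)
    components = (("path", parts.path), ("query", parts.query),
                  ("fragment", parts.fragment))
    findings = []
    for name, raw in components:
        decoded = fully_decode(raw)
        if "\r" in decoded or "\n" in decoded:
            findings.append(name)
    return findings

def scan_log(text):
    """Return (user, components) for every log line with a CR/LF-bearing URL."""
    hits = []
    for line in text.splitlines():
        fields = line.split(maxsplit=2)
        if len(fields) != 3:
            continue  # skip lines that do not match the assumed layout
        _timestamp, user, url = fields
        found = crlf_findings(url)
        if found:
            hits.append((user, found))
    return hits

if __name__ == "__main__":
    for user, found in scan_log(SAMPLE_LOG):
        print(f"{user}: CR/LF in {', '.join(found)}")
```

A hit is a reason to review the link and the session that followed it; it does not by itself show that a Secure Client flaw was targeted.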
The impact of this vulnerability extends across multiple operating systems, including Windows, Linux, and macOS. Cisco has released patches for affected versions, with specific fixes for versions earlier than 4.10.04065 and subsequent releases. Additionally, the company has addressed another high-severity flaw, CVE-2024-20338, impacting Secure Client for Linux. This flaw, with a CVSS score of 7.3, enables authenticated local attackers to elevate privileges on affected devices by exploiting vulnerabilities in the filesystem.
Amazon security researcher Paulos Yibelo Mesfin is credited with discovering and reporting the CVE-2024-20337 vulnerability, highlighting the potential for attackers to access internal networks through websites under their control. Cisco underscores the critical importance of updating to the fixed versions promptly to mitigate the risk of exploitation. By addressing these vulnerabilities, Cisco aims to bolster the security of its Secure Client software and safeguard users against potential threats to their VPN sessions and network integrity.