Cisco Releases Security Advisory for Secure Client


Cisco has released a security advisory to address a vulnerability in its Secure Client for Windows.

Secure Client is Cisco’s endpoint virtual private network (VPN) solution. CVE-2025-20206 has a CVSSv3 score of 7.1 and if exploited could allow an authenticated, local attacker to achieve arbitrary code execution (ACE) on the affected machine with SYSTEM privileges via DLL hijacking. The vulnerability only affects the Windows version of Secure Client, and only affects Secure Clients with the Secure Firewall Posture Engine module installed.

Read more…
Source: NHS Digital


Sign up for our Newsletter


Related:

  • Cisco Warns of Critical Vulnerability Revealed in ‘Vault 7’ Data Dump

    March 20, 2017

    Cisco Systems warned customers on Friday of a critical vulnerability that could allow an attacker to execute arbitrary code and obtain full control on more than 300 different models of its switches and routers. Cisco said it became aware of the vulnerability after WikiLeaks released its Vault 7 cache of documents that revealed the existence ...