¡¾Îó²îͨ¸æ¡¿Cisco¶à¸öÇå¾²Îó²î
Ðû²¼Ê±¼ä 2021-01-140x00 Îó²î¸ÅÊö
2021Äê01ÔÂ13ÈÕ£¬£¬£¬£¬CiscoÐû²¼Ç徲ͨ¸æ£¬£¬£¬£¬¹ûÕæÁËÆä¶à¸ö²úÆ·ÖеÄ67¸öÎó²î²¹¶¡£¬£¬£¬£¬ÕâЩÎó²îÉæ¼°AnyConnectÇå¾²ÒÆ¶¯¿Í»§¶Ë¡¢RV110W¡¢RV130¡¢RV130WºÍRV215WСÐÍÆóҵ·ÓÉÆ÷¼°Cisco»¥ÁªÒƶ¯ÌåÑ飨CMX£©µÈ¡£¡£¡£¡£
0x01 Îó²îÏêÇé
Cisco»¥ÁªÒƶ¯ÌåÑéȨÏÞÉý¼¶Îó²î£¨CVE-2021-1144£©
¸ÃÎó²î±£´æÓÚ˼¿Æ»¥ÁªÒƶ¯ÌåÑ飨CMX£©ÖУ¬£¬£¬£¬ÊǶԸü¸ÄÃÜÂëµÄÊÚȨ¼ì²é´¦Öóͷ£²»µ±µ¼Öµģ¬£¬£¬£¬ÆäCVSSÆÀ·Ö8.8¡£¡£¡£¡£¾ÓÉÉí·ÝÑéÖ¤µÄ¹¥»÷Õß¿ÉÒÔͨ¹ý·¢ËͶñÒâHTTPÇëÇóÀ´Ê¹ÓôËÎó²î¡£¡£¡£¡£ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿ÉÒÔ¸ü¸ÄϵͳÉÏÈκÎÓû§£¨°üÀ¨ÖÎÀíÓû§£©µÄÃÜÂëÀ´Ã°³ä¸ÃÓû§¡£¡£¡£¡£µ«ÒªÊ¹ÓôËÎó²î£¬£¬£¬£¬¹¥»÷Õß±ØÐèÓµÓоÓÉÉí·ÝÑéÖ¤µÄCMXÕÊ»§¡£¡£¡£¡£
Ó°Ïì¹æÄ£
Cisco CMX°æ±¾10.6.0¡¢10.6.1ºÍ10.6.2
ÐÞ¸´°æ±¾
10.6.3¼°¸ü¸ß°æ±¾
Cisco AnyConnect Secure Mobility Client for Windows DLL ×¢ÈëÎó²î£¨CVE-2021-1237£©
Ä£¿£¿£¿£¿£¿£¿£¿é»¯¶ËµãÈí¼þ²úÆ·AnyConnect Secure Mobility ClientΪ¶ËµãÌṩÁËÆÕ±éµÄÇ徲ЧÀÍ£¬£¬£¬£¬ÈçÔ¶³Ì»á¼û¡¢WebÇå¾²¹¦Ð§ºÍÖÜÓα£»£»£»£»£»£»¤¡£¡£¡£¡£
¸ÃÎó²î±£´æÓÚWindows°æCisco AnyConnectÇå¾²ÒÆ¶¯¿Í»§¶ËµÄÍøÂç»á¼ûÖÎÀíÆ÷ºÍWebÇå¾²ÊðÀí×é¼þÖУ¬£¬£¬£¬ÊÇÓ¦ÓóÌÐò¶ÔÔËÐÐʱ¼ÓÔØµÄ×ÊÔ´Ñé֤ȱ·¦µ¼Öµģ¬£¬£¬£¬ÆäCVSSÆÀ·Ö7.8¡£¡£¡£¡£¹¥»÷Õß¿ÉÒÔͨ¹ýÔÚϵͳµÄÌØ¶¨Â·¾¶ÖвåÈëÉèÖÃÎļþÀ´Ê¹ÓôËÎó²î£¬£¬£¬£¬´Ó¶øµ¼ÖÂÓ¦ÓóÌÐòÆô¶¯Ê±¼ÓÔØ¶ñÒâµÄDLLÎļþ¡£¡£¡£¡£ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿ÉÒÔʹÓÃSYSTEMȨÏÞÔÚÊÜÓ°ÏìµÄÅÌËã»úÉÏÖ´ÐÐí§Òâ´úÂë¡£¡£¡£¡£µ«ÒªÊ¹ÓôËÎó²î£¬£¬£¬£¬¹¥»÷ÕßÐèÒªÔÚWindowsϵͳÉϾßÓÐÓÐÓÃµÄÆ¾Ö¤¡£¡£¡£¡£
Ó°Ïì¹æÄ£
Cisco AnyConnect Secure Mobility Client for Windows 4.9.04043֮ǰµÄ°æ±¾
ÐÞ¸´°æ±¾
Cisco AnyConnect Secure Mobility Client for Windows 4.9.04043¼°¸ü¸ß°æ±¾
±ðµÄ£¬£¬£¬£¬Ë¼¿ÆÐ¡ÐÍÆóÒµRV110W¡¢RV130¡¢RV130WºÍRV215W·ÓÉÆ÷Öб£´æ5¸öÏÂÁî×¢ÈëÎó²î£¨CVE-2021-1146¡¢CVE-2021-1147¡¢CVE-2021-1148¡¢CVE-2021-1149ºÍCVE-2021-1150£©£¬£¬£¬£¬Ô¶³Ì¹¥»÷Õß¿ÉÒÔͨ¹ýʹÓÃÕâЩÎó²î×¢Èëí§ÒâÏÂÁî¡£¡£¡£¡£
³ýÉÏÊöÎó²îÍ⣬£¬£¬£¬Ë¼¿ÆÐ¡ÐÍÆóÒµRV110W¡¢RV130¡¢RV130WºÍRV215W»¹±£´æ60¸öÎó²î£¬£¬£¬£¬¹¥»÷Õß¿ÉÒÔͨ¹ýÏòÊÜÓ°ÏìµÄ×°±¸·¢ËͶñÒâµÄHTTPÇëÇóÀ´Ê¹ÓÃÕâЩÎó²î£¬£¬£¬£¬ÀÖ³ÉʹÓÃÕâЩÎó²îµÄ¹¥»÷ÕßÄܹ»ÒÔrootÓû§Éí·ÝÔڵײã²Ù×÷ϵͳÉÏÖ´ÐÐí§Òâ´úÂë¡¢µ¼ÖÂ×°±¸ÖØÐ¼ÓÔØ»ò¾Ü¾øÐ§ÀÍ¡£¡£¡£¡£
0x02 ´¦Öóͷ£½¨Òé
½¨Òé²Î¿¼Cisco¹Ù·½Ðû²¼µÄÇ徲ͨ¸æÉý¼¶ÖÁ×îа汾¡£¡£¡£¡£
ÏÂÔØÁ´½Ó£º
https://software.cisco.com/download/find
0x03 ²Î¿¼Á´½Ó
https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir#~Vulnerabilities
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dll-injec-pQnryXLf
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmxpe-75Asy9k
https://threatpost.com/cisco-flaw-cmx-software-retailers/163027/
0x04 ʱ¼äÏß
2021-01-13 CiscoÐû²¼Çå¾²¸üÐÂ
2021-01-14 VSRCÐû²¼Ç徲ͨ¸æ
0x05 ¸½Â¼
CVSSÆÀ·Ö±ê×¼¹ÙÍø£ºhttp://www.first.org/cvss/