Cisco released security updates to address vulnerabilities in Cisco Secure Client and Secure Client for Linux. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
Product(s) Affected | Version | CVE | Severity | CVSS |
---|---|---|---|---|
Cisco Secure Client | before 4.10.04065 after 4.10.04065 to 4.10.08025, 5.0, 5.1 |
CVE-2024-20337 | High | 8.2 |
Cisco Secure Client for Linux | before 5.1.2.42 |
CVE-2024-20338 | High | 7.3 |
There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of one month (refer Patch Management):