High severity7.8NVD Advisory· Published Dec 14, 2016· Updated May 6, 2026
CVE-2016-9192
CVE-2016-9192
Description
A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account. More Information: CSCvb68043. Known Affected Releases: 4.3(2039) 4.3(748). Known Fixed Releases: 4.3(4019) 4.4(225).
Affected products
20cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.0:*:*:*:*:*:*:*+ 19 more
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.02043:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.05182:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.05187:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.06073:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.07021:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1\(60\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0.00048:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0.00051:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0\(2049\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0\(48\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0\(64\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.1\(8\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.2.04039:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.3.00748:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.3.01095:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- www.securityfocus.com/bid/94770nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1037409nvdThird Party AdvisoryVDB Entry
- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-anyconnect1nvdVendor Advisory
- github.com/nettitude/PoshC2/blob/master/Modules/CVE-2016-9192.ps1nvd
News mentions
0No linked articles in our index yet.