Cisco has published a security advisory to address vulnerabilities affecting the following product on the 25th of October 2022. It is recommended that you take the necessary precautions to ensure your products are always protected.
Cisco AnyConnect Secure Mobility Client for Windows versions prior to 4.8.02042
For more information on this update, you can follow this URL:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-win-path-traverse-qO4HWBsj
The Guyana National CIRT recommends that users and administrators review this update and apply it where necessary.
PDF Download: Cisco Security Advisory.pdf
References
Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability. (25th of October 2022) Reviewed from Cisco:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-win-path-traverse-qO4HWBsj
Critical Vulnerabilities in Cisco AnyConnect Secure Mobility Client for Windows (26th of October 2022). Reviewed from SingCERT
https://www.csa.gov.sg/en/singcert/Alerts/AL-2022-067