CVE-2023-20241

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Client Software. An attacker could exploit these vulnerabilities by logging in to an affected device at the same time that another user is accessing Cisco Secure Client on the same system, and then sending crafted packets to a port on that local host. A successful exploit could allow the attacker to crash the VPN Agent service, causing it to be unavailable to all users of the system. To exploit these vulnerabilities, the attacker must have valid credentials on a multi-user system.

Published: 2023-11-22 Last update: 2026-06-17 Assigner: [email protected] Source: [email protected]

Conclusion & alert: CVE-2023-20241 is rated Low Risk (25.5/100): CVSS Medium severity, with low exploitation likelihood (EPSS 0.20%). Mandatory action: Monitor for updates and reassess as exploit intelligence or EPSS changes.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2023-20241

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 0.03% 0.20% +0.16%
2 2025-03-30 0.06% 0.03% -0.02%
3 2025-03-29 0.06%

Full EPSS history (4 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2023-20241

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
5.5 3.1 MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Click to expand
Attack vector (AV:L)
They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by.
Attack complexity (AC:L)
Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:L)
A normal user session is enough; they don’t have to be admin.
User interaction (UI:N)
Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U)
Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:N)
Doesn’t really leak secrets in a meaningful way.
Integrity (I:N)
Data isn’t meaningfully altered or forged.
Availability (A:H)
Could take the service down hard or make it unusable for people who depend on it.
1.8 3.6 [email protected]
5.5 3.1 MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Click to expand
Attack vector (AV:L)
They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by.
Attack complexity (AC:L)
Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:L)
A normal user session is enough; they don’t have to be admin.
User interaction (UI:N)
Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U)
Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:N)
Doesn’t really leak secrets in a meaningful way.
Integrity (I:N)
Data isn’t meaningfully altered or forged.
Availability (A:H)
Could take the service down hard or make it unusable for people who depend on it.
1.8 3.6 [email protected]

Weakness enumeration for CVE-2023-20241

Affected software / configurations for CVE-2023-20241

Vendor Product Version Raw CPE
cisco anyconnect_secure_mobility_client 4.9.00086 cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.00086:*:*:*:*:*:*:*
cisco anyconnect_secure_mobility_client 4.9.01095 cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.01095:*:*:*:*:*:*:*
cisco anyconnect_secure_mobility_client 4.9.02028 cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.02028:*:*:*:*:*:*:*
cisco anyconnect_secure_mobility_client 4.9.03047 cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.03047:*:*:*:*:*:*:*
cisco anyconnect_secure_mobility_client 4.9.03049 cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.03049:*:*:*:*:*:*:*
cisco anyconnect_secure_mobility_client 4.9.04043 cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.04043:*:*:*:*:*:*:*
cisco anyconnect_secure_mobility_client 4.9.04053 cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.04053:*:*:*:*:*:*:*
cisco anyconnect_secure_mobility_client 4.9.05042 cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.05042:*:*:*:*:*:*:*
cisco anyconnect_secure_mobility_client 4.9.06037 cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.06037:*:*:*:*:*:*:*
cisco secure_client 4.10.00093 cpe:2.3:a:cisco:secure_client:4.10.00093:*:*:*:*:*:*:*
cisco secure_client 4.10.01075 cpe:2.3:a:cisco:secure_client:4.10.01075:*:*:*:*:*:*:*
cisco secure_client 4.10.02086 cpe:2.3:a:cisco:secure_client:4.10.02086:*:*:*:*:*:*:*
cisco secure_client 4.10.03104 cpe:2.3:a:cisco:secure_client:4.10.03104:*:*:*:*:*:*:*
cisco secure_client 4.10.04065 cpe:2.3:a:cisco:secure_client:4.10.04065:*:*:*:*:*:*:*
cisco secure_client 4.10.04071 cpe:2.3:a:cisco:secure_client:4.10.04071:*:*:*:*:*:*:*
cisco secure_client 4.10.05085 cpe:2.3:a:cisco:secure_client:4.10.05085:*:*:*:*:*:*:*
cisco secure_client 4.10.05095 cpe:2.3:a:cisco:secure_client:4.10.05095:*:*:*:*:*:*:*
cisco secure_client 4.10.05111 cpe:2.3:a:cisco:secure_client:4.10.05111:*:*:*:*:*:*:*
cisco secure_client 4.10.06079 cpe:2.3:a:cisco:secure_client:4.10.06079:*:*:*:*:*:*:*
cisco secure_client 4.10.06090 cpe:2.3:a:cisco:secure_client:4.10.06090:*:*:*:*:*:*:*
cisco secure_client 4.10.07061 cpe:2.3:a:cisco:secure_client:4.10.07061:*:*:*:*:*:*:*
cisco secure_client 4.10.07062 cpe:2.3:a:cisco:secure_client:4.10.07062:*:*:*:*:*:*:*
cisco secure_client 4.10.07073 cpe:2.3:a:cisco:secure_client:4.10.07073:*:*:*:*:*:*:*
cisco secure_client 5.0.00238 cpe:2.3:a:cisco:secure_client:5.0.00238:*:*:*:*:*:*:*
cisco secure_client 5.0.00529 cpe:2.3:a:cisco:secure_client:5.0.00529:*:*:*:*:*:*:*
cisco secure_client 5.0.00556 cpe:2.3:a:cisco:secure_client:5.0.00556:*:*:*:*:*:*:*
cisco secure_client 5.0.01242 cpe:2.3:a:cisco:secure_client:5.0.01242:*:*:*:*:*:*:*
cisco secure_client 5.0.02075 cpe:2.3:a:cisco:secure_client:5.0.02075:*:*:*:*:*:*:*
cisco secure_client 5.0.03072 cpe:2.3:a:cisco:secure_client:5.0.03072:*:*:*:*:*:*:*
cisco secure_client 5.0.03076 cpe:2.3:a:cisco:secure_client:5.0.03076:*:*:*:*:*:*:*

References for CVE-2023-20241

cvelogic Threat Intelligence