The VPN bug that isn't on the gateway, it's the updater on the laptop
CVE-2020-3433 and CVE-2020-3153 are in the Cisco AnyConnect Windows client, not the VPN gateway. The weak point is the privileged helper service that auto-updates the client, which a local user can trick into running their code as SYSTEM.
VPN vulnerabilities usually mean the gateway, the internet-facing appliance an attacker hits to get in. CVE-2020-3433 and CVE-2020-3153 are the other kind: bugs in the Cisco AnyConnect Secure Mobility Client, the software on the laptop. Neither gets an attacker onto the network. Both take an attacker who’s already on the endpoint as a normal user and make them SYSTEM. The weak point in each is the same kind of thing, the privileged background machinery that endpoint agents run to update and manage themselves.
What the bugs are
CVE-2020-3433 is a DLL hijacking flaw in the AnyConnect client’s interprocess communication (IPC) channel. By sending a crafted IPC message, an authenticated local attacker can make vpndownloader.exe, AnyConnect’s auto-update helper, which runs as SYSTEM, load a dbghelp.dll the attacker has planted in the directory it copies itself into, so the attacker’s code runs as SYSTEM. Antoine Goichot found and documented the technique, and Cisco fixed it in client version 4.9.00086 (June 2020).
CVE-2020-3153 is a directory-path handling flaw in the client’s installer component, reached through the same IPC machinery, that lets an authenticated local attacker have user-supplied files copied into system-level directories with SYSTEM privileges, again using the privileged component to write where an unprivileged user shouldn’t. Fixed in 4.8.02042.
Both require local, authenticated access, both have public exploit code (including a Metasploit module), and CISA added them to the Known Exploited Vulnerabilities catalog on October 24, 2022, with the ransomware flag, after renewed in-the-wild exploitation attempts.
The pattern: privileged endpoint agents are local-privesc surface
The reason these matter beyond Cisco is structural. Modern endpoints are covered in software that runs a privileged background service: VPN clients, EDR agents, software updaters, management tools. Those services exist to do things a normal user can’t (install drivers, write to protected locations, update themselves), and they’re reachable, directly or indirectly, by the unprivileged user on the box. That combination, a SYSTEM-level service that low-privileged code can talk to, is a perennial source of privilege-escalation bugs, and the auto-update and IPC components are the recurring weak spots, exactly as they were here.
The takeaway is to treat your endpoint agents as part of your local-privilege-escalation attack surface, not just as security and connectivity tools. The more privileged background services run on a host, the more chances an attacker who lands as a normal user has to become SYSTEM, which is the step that turns a phished workstation into a foothold for everything else.
What to do
- Update AnyConnect clients to a fixed version. 4.9.00086 or later covers CVE-2020-3433, and 4.8.02042 or later covers CVE-2020-3153; current releases roll up both. Client patching is easy to neglect because the client isn’t internet-facing, but these are KEV-listed and exploited.
- Build endpoint-client patching into your fleet management. VPN clients, like browsers, often lag because they’re not on the server-patching radar. Make sure your endpoint management keeps client software current, not just the OS.
- Don’t deprioritize local privilege escalation. As with every EoP bug, “needs local access” is not a reason to wait, because local access is what initial-access malware provides. The SYSTEM step is what an intruder reaches for once they’re on the endpoint.
- Minimize and monitor privileged agents. Audit which background services run as SYSTEM on your endpoints, remove agents you don’t need, and watch for the tells of this attack class: unexpected DLL loads by updater/helper processes, and privileged services writing to or loading from user-writable locations.
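A fleet check for the first item above, as an added example (not code from the page, Cisco, or the cited posts). The two fixed versions are the ones named in the text; the hostnames and installed versions are constructed. The point it makes is that AnyConnect's major.minor.build strings must be compared numerically, not as strings, or a 4.10.x client reads as older than 4.9.00086:

```python
"""Fleet check: which AnyConnect Windows clients still predate the fixes.

Added example (not from the page, Cisco or the cited posts). The fixed
versions are the two named in the text; the inventory is constructed.
"""
from __future__ import annotations

import re

# Version the page names as the fix for each CVE, parsed numerically.
FIXED_IN: dict[str, tuple[int, int, int]] = {
    "CVE-2020-3153": (4, 8, 2042),   # 4.8.02042
    "CVE-2020-3433": (4, 9, 86),     # 4.9.00086
}

# AnyConnect reports major.minor.build, with the build zero-padded.
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)\s*$")


def parse_version(text: str) -> tuple[int, int, int]:
    """Parse '4.8.02042' into (4, 8, 2042) so versions compare numerically.

    Comparing the raw strings is wrong: '4.10.06079' sorts before '4.9.00086'
    lexicographically even though it is newer.
    """
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised AnyConnect version: {text!r}")
    major, minor, build = (int(part) for part in m.groups())
    return (major, minor, build)


def missing_fixes(version: str) -> list[str]:
    """CVEs whose fix is newer than the installed client."""
    installed = parse_version(version)
    return [cve for cve, fixed in FIXED_IN.items() if installed < fixed]


def audit(inventory: dict[str, str]) -> dict[str, list[str]]:
    """hostname -> CVEs the host is still exposed to (hosts with none are omitted)."""
    return {host: cves for host, ver in inventory.items()
            if (cves := missing_fixes(ver))}


# Constructed inventory for the example; hostnames and versions are not real data.
SAMPLE_INVENTORY = {
    "lt-0017": "4.7.04056",
    "lt-0042": "4.8.02042",
    "lt-0103": "4.10.06079",
    "lt-0211": "5.0.01242",
}

if __name__ == "__main__":
    for host, cves in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: exposed to {', '.join(cves)}")
```

Feed it whatever your endpoint management exports for the installed client version; anything that does not match the three-part pattern is raised as an error rather than silently treated as patched.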
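The two tells in the last item, privileged processes loading from or executing out of user-writable locations, as a detection sketch. This is an added example, not code from the page, Cisco, or the cited posts. It runs over image-load records modelled loosely on Sysmon Event ID 7 fields (Image, ImageLoaded, User, Signed, SignatureStatus); that field shape, the helper names, and the user-writable prefix list are assumptions for the example, and the events are constructed:

```python
"""Detection sketch: privileged helper processes touching user-writable paths.

Added example, not from the page, Cisco or the cited posts. Records are
modelled loosely on Sysmon Event ID 7 fields; that shape, the helper names
and the user-writable prefixes are assumptions, and the events are constructed.
"""
from __future__ import annotations

import ntpath
from dataclasses import dataclass

# Directories a standard user can write to on a default Windows install.
# Heuristic: a real detector should derive this from ACLs, not a prefix list.
USER_WRITABLE_PREFIXES = (
    "c:\\programdata\\",
    "c:\\users\\",
    "c:\\windows\\temp\\",
)
PRIVILEGED_ACCOUNTS = {"nt authority\\system"}
# Updater/helper binaries assumed to run as SYSTEM (extend from your own inventory).
KNOWN_HELPERS = {"vpndownloader.exe", "vpnagent.exe"}


@dataclass(frozen=True)
class Finding:
    severity: str
    process: str
    path: str
    reason: str


def under_user_writable(path: str) -> bool:
    """True if the normalised path sits under a user-writable prefix.

    ntpath.normpath collapses '..', so 'C:\\Windows\\System32\\..\\..\\Users\\x.dll'
    is recognised as C:\\Users\\x.dll rather than slipping past the prefix check.
    """
    if not path:
        return False
    return ntpath.normpath(path).lower().startswith(USER_WRITABLE_PREFIXES)


def check_image_load(event: dict) -> list[Finding]:
    """Findings for one image-load event; empty for unprivileged or benign loads."""
    proc_path = event.get("Image", "")
    proc_name = ntpath.basename(proc_path).lower()
    user = event.get("User", "").lower()
    if user not in PRIVILEGED_ACCOUNTS and proc_name not in KNOWN_HELPERS:
        return []
    findings: list[Finding] = []
    # Tell 1: the privileged process itself runs from somewhere a user can write
    # (an updater copying itself to a temp directory is exactly this shape).
    if under_user_writable(proc_path):
        findings.append(Finding("high", proc_name, proc_path,
                                "privileged process executing from user-writable directory"))
    # Tell 2: the privileged process loads a DLL from a user-writable directory.
    dll_path = event.get("ImageLoaded", "")
    if under_user_writable(dll_path):
        signed_ok = (event.get("Signed", "").lower() == "true"
                     and event.get("SignatureStatus", "").lower() == "valid")
        reason = "DLL loaded from user-writable directory"
        if not signed_ok:
            reason += " (unsigned or invalid signature)"
        findings.append(Finding("medium" if signed_ok else "high", proc_name, dll_path, reason))
    return findings


def scan(events: list[dict]) -> list[Finding]:
    return [f for e in events for f in check_image_load(e)]


# Constructed events: paths are illustrative, not captured telemetry.
SAMPLE_EVENTS = [
    {  # benign: the agent loads the real dbghelp.dll from System32
        "EventID": 7, "User": "NT AUTHORITY\\SYSTEM",
        "Image": "C:\\Program Files (x86)\\Example VPN\\vpnagent.exe",
        "ImageLoaded": "C:\\Windows\\System32\\dbghelp.dll",
        "Signed": "true", "SignatureStatus": "Valid",
    },
    {  # the hijack shape: updater running from ProgramData loads a planted, unsigned dbghelp.dll
        "EventID": 7, "User": "NT AUTHORITY\\SYSTEM",
        "Image": "C:\\ProgramData\\Example VPN\\Temp\\Downloader\\vpndownloader.exe",
        "ImageLoaded": "C:\\ProgramData\\Example VPN\\Temp\\Downloader\\dbghelp.dll",
        "Signed": "false", "SignatureStatus": "Unavailable",
    },
    {  # unprivileged user process: out of scope for this rule
        "EventID": 7, "User": "CORP\\alice",
        "Image": "C:\\Users\\alice\\AppData\\Local\\Tool\\tool.exe",
        "ImageLoaded": "C:\\Users\\alice\\AppData\\Local\\Tool\\plugin.dll",
        "Signed": "false", "SignatureStatus": "Unavailable",
    },
    {  # traversal hidden in the path still resolves to a user-writable location
        "EventID": 7, "User": "NT AUTHORITY\\SYSTEM",
        "Image": "C:\\Windows\\System32\\svchost.exe",
        "ImageLoaded": "C:\\Windows\\System32\\..\\..\\Users\\Public\\helper.dll",
        "Signed": "false", "SignatureStatus": "Unavailable",
    },
]

if __name__ == "__main__":
    for f in scan(SAMPLE_EVENTS):
        print(f"[{f.severity}] {f.process}: {f.reason}: {f.path}")
```

The benign event produces nothing, the hijack-shaped event produces two high findings (process and DLL both under ProgramData), and the traversal case is caught because the path is normalised before the prefix check. A signed, valid DLL from a user-writable path is downgraded rather than ignored, since a legitimately signed helper being relocated is still worth a look.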
The reframe is a small shift in where you look for VPN risk. The gateway gets the attention because it’s the front door, but the client on every laptop runs privileged code too, and a bug there is a clean path from “a user got phished” to “an attacker is SYSTEM on that machine.” Patch the clients, keep the count of privileged endpoint agents down, and treat the updater as the attack surface it is. We flag the client-side and endpoint-agent entries alongside the gateway ones, because the privilege-escalation half of an intrusion lives on the laptop, not the perimeter.
Sources
- CISA Known Exploited Vulnerabilities Catalog
- NVD CVE-2020-3433 — 2020-08
- NVD CVE-2020-3153 — 2020-02
- Antoine Goichot: Discovering new vulnerabilities in Cisco AnyConnect for Windows (CVE-2020-3433) — 2020
- Rapid7: Cisco AnyConnect privilege escalations (CVE-2020-3153, CVE-2020-3433) — 2022
- The Register: Cisco AnyConnect Windows client under active attack — 2022-10-26