CVE-2019-16007 - OpenCVE

A vulnerability in the inter-service communication of Cisco AnyConnect Secure Mobility Client for Android could allow an unauthenticated, local attacker to perform a service hijack attack on an affected device or cause a denial of service (DoS) condition. The vulnerability is due to the use of implicit service invocations. An attacker could exploit this vulnerability by persuading a user to install a malicious application. A successful exploit could allow the attacker to access confidential user information or cause a DoS condition on the AnyConnect application.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction Required

Attack Vector Physical

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Anyconnect Secure Mobility Client

Configuration 1 [-]

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:*:android:*:*

No data.

References

Link	Providers
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-anyconnect-hijack

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2020-09-23T00:26:45.174098Z

Updated: 2024-09-16T20:16:19.905Z

Reserved: 2019-09-06T00:00:00

Link: CVE-2019-16007

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-09-23T01:15:13.627

Modified: 2020-09-28T19:08:18.597

Link: CVE-2019-16007

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Cisco AnyConnect Secure Mobility Client", "vendor": "Cisco", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2020-01-08T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the inter-service communication of Cisco AnyConnect Secure Mobility Client for Android could allow an unauthenticated, local attacker to perform a service hijack attack on an affected device or cause a denial of service (DoS) condition. The vulnerability is due to the use of implicit service invocations. An attacker could exploit this vulnerability by persuading a user to install a malicious application. A successful exploit could allow the attacker to access confidential user information or cause a DoS condition on the AnyConnect application."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-345", "description": "CWE-345", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-09-23T00:26:45", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20200108 Cisco AnyConnect Secure Mobility Client for Android Service Hijack Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-anyconnect-hijack"}], "source": {"advisory": "cisco-sa-20200108-anyconnect-hijack", "defect": [["CSCvr67149"]], "discovery": "INTERNAL"}, "title": "Cisco AnyConnect Secure Mobility Client for Android Service Hijack Vulnerability", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2020-01-08T16:00:00", "ID": "CVE-2019-16007", "STATE": "PUBLIC", "TITLE": "Cisco AnyConnect Secure Mobility Client for Android Service Hijack Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco AnyConnect Secure Mobility Client", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the inter-service communication of Cisco AnyConnect Secure Mobility Client for Android could allow an unauthenticated, local attacker to perform a service hijack attack on an affected device or cause a denial of service (DoS) condition. The vulnerability is due to the use of implicit service invocations. An attacker could exploit this vulnerability by persuading a user to install a malicious application. A successful exploit could allow the attacker to access confidential user information or cause a DoS condition on the AnyConnect application."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "impact": {"cvss": {"baseScore": "5.9", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-345"}]}]}, "references": {"reference_data": [{"name": "20200108 Cisco AnyConnect Secure Mobility Client for Android Service Hijack Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-anyconnect-hijack"}]}, "source": {"advisory": "cisco-sa-20200108-anyconnect-hijack", "defect": [["CSCvr67149"]], "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T01:03:32.656Z"}, "title": "CVE Program Container", "references": [{"name": "20200108 Cisco AnyConnect Secure Mobility Client for Android Service Hijack Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-anyconnect-hijack"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2019-16007", "datePublished": "2020-09-23T00:26:45.174098Z", "dateReserved": "2019-09-06T00:00:00", "dateUpdated": "2024-09-16T20:16:19.905Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:*:android:*:*", "matchCriteriaId": "2F2061CA-FC7A-4FE6-9886-AD0C84CC7243", "versionEndExcluding": "4.8.00826", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the inter-service communication of Cisco AnyConnect Secure Mobility Client for Android could allow an unauthenticated, local attacker to perform a service hijack attack on an affected device or cause a denial of service (DoS) condition. The vulnerability is due to the use of implicit service invocations. An attacker could exploit this vulnerability by persuading a user to install a malicious application. A successful exploit could allow the attacker to access confidential user information or cause a DoS condition on the AnyConnect application."}, {"lang": "es", "value": "Una vulnerabilidad en la comunicaci\u00f3n entre servicios de Cisco AnyConnect Secure Mobility Client para Android, podr\u00eda permitir a un atacante local no autenticado llevar a cabo un ataque de secuestro de servicio en un dispositivo afectado o causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad es debido al uso de invocaciones de servicio impl\u00edcitas. Un atacante podr\u00eda explotar esta vulnerabilidad al persuadir a un usuario a instalar una aplicaci\u00f3n maliciosa. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante acceder a informaci\u00f3n confidencial del usuario o causar una condici\u00f3n de DoS en la aplicaci\u00f3n AnyConnect"}], "id": "CVE-2019-16007", "lastModified": "2020-09-28T19:08:18.597", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 0.7, "impactScore": 5.2, "source": "ykramarz@cisco.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-09-23T01:15:13.627", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-anyconnect-hijack"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-345"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-345"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}