Cisco Releases Patch for Critical VPN Hijacking Vulnerability in Secure Client


Cisco has released patches to mitigate a high-severity security flaw affecting its Secure Client software, designated as CVE-2024-20337 with a CVSS score of 8.2. This vulnerability permits unauthenticated remote attackers to execute a carriage return line feed (CRLF) injection attack, potentially enabling access to sensitive browser-based information and the establishment of a remote access VPN session with the affected user's privileges. The impacted Secure Client versions for Windows, Linux, and macOS include:

  • Versions earlier than 4.10.04065 (not vulnerable)
  • Version 4.10.04065 and later (fixed in 4.10.08025)
  • Version 5.0 (users are advised to migrate to a fixed release)
  • Version 5.1 (fixed in

Paulos Yibelo Mesfin, an Amazon security researcher, discovered and reported the vulnerability. Mesfin emphasized that attackers could leverage this flaw to gain access to local internal networks when a target visits a website under their control.

In addition, Cisco has addressed another high-severity vulnerability, CVE-2024-20338, with a CVSS score of 7.3, affecting Secure Client for Linux. This flaw enables authenticated local attackers to escalate privileges on the affected device. The issue has been resolved in version Exploitation of this vulnerability involves deploying a malicious library file to a specific directory and persuading an administrator to restart a specific process.

Cisco strongly advises users to promptly apply the provided patches to mitigate potential exploitation risks associated with these vulnerabilities.