{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-11T06:44:29.024","vulnerabilities":[{"cve":{"id":"CVE-2020-3432","sourceIdentifier":"psirt@cisco.com","published":"2025-02-12T00:15:07.670","lastModified":"2025-06-24T00:12:09.860","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the uninstaller component of Cisco AnyConnect Secure Mobility Client for Mac OS could allow an authenticated, local attacker to corrupt the content of any file in the filesystem.\r\nThe vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a symbolic link (symlink) to a target file on a specific path. A successful exploit could allow the attacker to corrupt the contents of the file. If the file is a critical systems file, the exploit could lead to a denial of service condition. To exploit this vulnerability, the attacker would need to have valid credentials on the system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."},{"lang":"es","value":"Una vulnerabilidad en el componente de desinstalación de Cisco AnyConnect Secure Mobility Client para Mac OS podría permitir que un atacante local autenticado corrompa el contenido de cualquier archivo en el sistema de archivos. La vulnerabilidad se debe a la gestión incorrecto de las rutas de directorio. Un atacante podría aprovechar esta vulnerabilidad creando un enlace simbólico (symlink) a un archivo de destino en una ruta específica. Una explotación exitosa podría permitir al atacante corromper el contenido del archivo. Si el archivo es un archivo crítico del sistema, la explotación podría provocar una condición de denegación de servicio. Para aprovechar esta vulnerabilidad, el atacante necesitaría tener credenciales válidas en el sistema."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H","baseScore":5.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":4.2}],"cvssMetricV30":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H","baseScore":5.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":4.2}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-59"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:*:macos:*:*","versionEndExcluding":"4.9.00086","matchCriteriaId":"D9A113B2-E3B3-4290-AA9F-183410CB115F"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-mac-dos-36s2y3Lv","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}}]}