Security Updates for Cisco AnyConnect Released
Cisco has released fixes for two security-related bugs in Cisco AnyConnect. One potentially remotely exploitable bug affects specific AnyConnect client versions on Windows, Apple OS X, and Linux. A local privilege escalation issue affects only certain AnyConnect client versions on Windows systems.
Exploit code for affected versions of the AnyConnect client is publicly available at: http://www.exploit-db.com/exploits/17366/.