CVE-2020-3153CISA KEVEPSS p97.9%

CVE-2020-3153Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability

Cisco / AnyConnect Secure

Description

Cisco AnyConnect Secure Mobility Client for Windows allows for incorrect handling of directory paths. An attacker with valid credentials on Windows would be able to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks.

Scoring

EPSS28.31% probability of exploitation · percentile 97.9% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2022-10-24

(incoming)1

TypeTargetConfidenceTier
KEVEntryCisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerabilitykev-cve-2020-31530%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability
CVE
CVE-2026-20931
CVE
CVE-2025-49457
CVE
CVE-2025-26645
CVE
CVE-2026-47648
CVE
CVE-2025-26155
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.