Cisco has disclosed a zero-day vulnerability – for which there is not yet a patch – in the Windows, macOS and Linux versions of its AnyConnect Secure Mobility Client Software.

This bug doesn't affect the AnyConnect client for macOS, Linux, or the client for iOS, Android, and the Universal Windows Platform. Cisco has given CVE-2020-3433 a severity score of 7.8.

Cisco has fixed a six-month-old zero-day vulnerability found in the Cisco AnyConnect Secure Mobility Client VPN software, with publicly available proof-of-concept exploit code.