The host is installed with Cisco AnyConnect Secure Mobility Client before 4.9.06037 is prone to a windows upgrade DLL hijacking vulnerability. A flaw is present in the application which fails to handle a temporary file with insecure permissions that is created during the upgrade process. Successful exploitation could allows attackers to execute arbitrary code on the affected device with SYSTEM privileges.