The host is installed with Cisco AnyConnect Secure Mobility Client before 4.8.02042 is prone to a windows uncontrolled search path vulnerability. A flaw is present in the application which fails to handle a malicious file copied to a system directory. Successful exploitation could allows attackers to copy malicious files to arbitrary locations with system level privileges.