Cisco finally patches months-old VPN security flaw

It’s taken Cisco just about six months to repair a crucial zero-day arbitrary code execution vulnerability in the Cisco AnyConnect Secure Mobility Consumer VPN program. 

The Cisco Merchandise Security Incident Response Staff (PSIRT) originally disclosed the vulnerability in November 2020 with no releasing a protection update.