Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution Vulnerability

Cisco Anyconnect has vulnerability CVE-2020-3556, this allows an attacker to send a crafted IPC message and can allow attacker to execute scripts on user box. I think this is something ExtraHop should see and can build an alert on. Any help?