CVE-2008-5121

high Cisco
CVSS v3 Base Score
7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS Score
0.4%
Exploitation probability in 30 days
Top 42% most likely to be exploited
Attack Characteristics
Attack Vector
Local
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Published: November 18, 2008 (6386 days ago)
Last Modified: April 23, 2026
Vendor: Cisco
Source: NVD

Description

dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, and (3) SafeNet SoftRemote and HighAssurance Remote, allows local users to gain privileges via a crafted DNE_IOCTL DeviceIoControl request to the \\.\DNE device interface.

CWE

CWE-264

Affected Products

citrix deterministic network enhancer

References

🔗 secunia.com 🔗 secunia.com 🔗 secunia.com 🔗 secunia.com 🔗 securityreason.com