CVE-2009-4118

low

Cisco

CVSS v3 Base Score

2.1

AV:L/AC:L/Au:N/C:N/I:N/A:P

EPSS Score

0.3%

Exploitation probability in 30 days

Top 49% most likely to be exploited

Attack Characteristics

Attack Vector

Local

Attack Complexity

Low

Confidentiality

None

Integrity

None

Availability

Published: December 1, 2009 (6008 days ago)

Last Modified: April 23, 2026

Vendor: Cisco

Source: NVD

Description

The StartServiceCtrlDispatcher function in the cvpnd service (cvpnd.exe) in Cisco VPN client for Windows before 5.0.06.0100 does not properly handle an ERROR_FAILED_SERVICE_CONTROLLER_CONNECT error, which allows local users to cause a denial of service (service crash and VPN connection loss) via a manual start of cvpnd.exe while the cvpnd service is running.

CWE

NVD-CWE-Other

Affected Products

cisco vpn client

References

🔗 packetstormsecurity.org 🔗 secunia.com 🔗 tools.cisco.com 🔗 www.securityfocus.com 🔗 www.vupen.com

CVE-2009-4118

Vulnerability Report

Description

CWE

Affected Products

References