Cisco VPN Client 5.x < Untrusted Search Path DLL Privilege Escalation

Medium Nessus Plugin ID 93478


The VPN client installed on the remote Windows host is affected by a local privilege escalation vulnerability.


The version of the Cisco VPN client installed on the remote host is 5.x prior to It is, therefore, affected by a flaw in how it loads dynamic link library (DLL) files: it searches fixed paths that may be untrusted or under user control. A local attacker can exploit this, via a trojan DLL injected into the search path, to execute arbitrary code with elevated privileges.


This software is no longer supported. Contact the vendor for options.

Plugin Details

Severity: Medium

ID: 93478

File Name: cisco_vpn_client_5_0_07_0440.nasl

Version: $Revision: 1.1 $

Type: local

Agent: windows

Family: Windows

Published: 2016/09/14

Modified: 2016/09/14

Dependencies: 25549

Risk Information

Risk Factor: Medium


Base Score: 6.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C


Base Score: 6.7

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/a:cisco:vpn_client

Required KB Items: SMB/CiscoVPNClient/Version

Vulnerability Publication Date: 2012/05/30

Reference Information

CVE: CVE-2012-3052

OSVDB: 85578