The StartServiceCtrlDispatcher function in the cvpnd service (cvpnd.exe) in Cisco VPN client for Windows before 5.0.06.0100 does not properly handle an ERROR_FAILED_SERVICE_CONTROLLER_CONNECT error, which allows local users to cause a denial of service (service crash and VPN connection loss) via a manual start of cvpnd.exe while the cvpnd service is running.
Conclusion & alert: CVE-2009-4118 is rated Exploit Available (54.5/100): CVSS Low severity, with medium exploitation likelihood (EPSS 2.50%). Core evidence: 3 public exploit reference(s) are indexed (Exploit-DB). EPSS rose +2.23% over the last day, indicating growing attacker interest. Mandatory action: Public exploits are available—assess exposure, apply mitigations, and prioritize patching.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
| EDB-ID | Source | Kind | Published | Link |
|---|---|---|---|---|
| 10190 | exploit_db | edb | 2009-11-21 | Exploit-DB ↗ |
| — | nvd_ref | exploit_tag | Exploit-DB ↗ | |
| — | nvd_ref | exploit_tag | Exploit-DB ↗ |
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.27% | 2.50% | +2.23% |
| 2 | 2025-06-15 | 0.37% | 0.27% | -0.10% |
| 3 | 2025-03-30 | — | 0.37% | — |
Full EPSS history (14 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 2.1 | 2.0 | LOW |
|
3.9 | 2.9 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| cisco | vpn_client | 2.0 | cpe:2.3:a:cisco:vpn_client:2.0:*:windows:*:*:*:*:* |
| cisco | vpn_client | 3.0 | cpe:2.3:a:cisco:vpn_client:3.0:*:windows:*:*:*:*:* |
| cisco | vpn_client | 3.0.5 | cpe:2.3:a:cisco:vpn_client:3.0.5:*:windows:*:*:*:*:* |
| cisco | vpn_client | 3.1 | cpe:2.3:a:cisco:vpn_client:3.1:*:windows:*:*:*:*:* |
| cisco | vpn_client | 3.5.1 | cpe:2.3:a:cisco:vpn_client:3.5.1:*:windows:*:*:*:*:* |
| cisco | vpn_client | 3.5.1c | cpe:2.3:a:cisco:vpn_client:3.5.1c:*:windows:*:*:*:*:* |
| cisco | vpn_client | 3.5.2 | cpe:2.3:a:cisco:vpn_client:3.5.2:*:windows:*:*:*:*:* |
| cisco | vpn_client | 3.6.5 | cpe:2.3:a:cisco:vpn_client:3.6.5:base:windows:*:*:*:*:* |
| cisco | vpn_client | 4.7.00.0000 | cpe:2.3:a:cisco:vpn_client:4.7.00.0000:*:windows:*:*:*:*:* |
| cisco | vpn_client | 4.8.00.0000 | cpe:2.3:a:cisco:vpn_client:4.8.00.0000:*:windows:*:*:*:*:* |
| cisco | vpn_client | 4.8.00.0440 | cpe:2.3:a:cisco:vpn_client:4.8.00.0440:*:windows:*:*:*:*:* |
| cisco | vpn_client | 4.8.1 | cpe:2.3:a:cisco:vpn_client:4.8.1:*:windows:*:*:*:*:* |
| cisco | vpn_client | 4.8.01 | cpe:2.3:a:cisco:vpn_client:4.8.01:base:windows:*:*:*:*:* |
| cisco | vpn_client | 4.8.02.0010 | cpe:2.3:a:cisco:vpn_client:4.8.02.0010:base:windows:*:*:*:*:* |
| cisco | vpn_client | 4.9 | cpe:2.3:a:cisco:vpn_client:4.9:base:windows:*:*:*:*:* |
| cisco | vpn_client | 5.0.00.340 | cpe:2.3:a:cisco:vpn_client:5.0.00.340:base:windows:*:*:*:*:* |
| cisco | vpn_client | 5.0.01 | cpe:2.3:a:cisco:vpn_client:5.0.01:*:windows:*:*:*:*:* |
| cisco | vpn_client | 5.0.01.0600 | cpe:2.3:a:cisco:vpn_client:5.0.01.0600:base:windows:*:*:*:*:* |
| cisco | vpn_client | 5.0.2.0090 | cpe:2.3:a:cisco:vpn_client:5.0.2.0090:*:windows:*:*:*:*:* |
| cisco | vpn_client | 5.0.02.0090 | cpe:2.3:a:cisco:vpn_client:5.0.02.0090:base:windows:*:*:*:*:* |
| cisco | vpn_client | 0490 | cpe:2.3:a:cisco:vpn_client:0490:base:windows:*:*:*:*:* |
| URL | Tags |
|---|---|
| http://packetstormsecurity.org/0911-exploits/sybsec-adv17.txt | Exploit |
| http://secunia.com/advisories/37419 | Vendor Advisory |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=19445 | Vendor Advisory |
| http://www.securityfocus.com/bid/37077 | Exploit |
| http://www.vupen.com/english/advisories/2009/3296 | Vendor Advisory |