Untrusted search path vulnerability in Cisco VPN Client 5.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka Bug ID CSCua28747.
Conclusion & alert: CVE-2012-3052 is rated Low Risk (39.5/100): CVSS Medium severity, with low exploitation likelihood (EPSS 0.42%). Mandatory action: Monitor for updates and reassess as exploit intelligence or EPSS changes.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.14% | 0.42% | +0.28% |
| 2 | 2025-03-17 | 0.05% | 0.14% | +0.09% |
| 3 | 2023-03-07 | — | 0.05% | — |
Full EPSS history (4 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 6.9 | 2.0 | MEDIUM |
|
3.4 | 10.0 | [email protected] |
: Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path'
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| cisco | vpn_client | 5.0 | cpe:2.3:a:cisco:vpn_client:5.0:*:*:*:*:*:*:* |
| cisco | vpn_client | 5.0.01 | cpe:2.3:a:cisco:vpn_client:5.0.01:*:*:*:*:*:*:* |
| cisco | vpn_client | 5.0.01.0600 | cpe:2.3:a:cisco:vpn_client:5.0.01.0600:*:*:*:*:*:*:* |
| cisco | vpn_client | 5.0.2 | cpe:2.3:a:cisco:vpn_client:5.0.2:*:*:*:*:*:*:* |
| cisco | vpn_client | 5.0.02.0090 | cpe:2.3:a:cisco:vpn_client:5.0.02.0090:*:*:*:*:*:*:* |
| cisco | vpn_client | 5.0.2.0090 | cpe:2.3:a:cisco:vpn_client:5.0.2.0090:*:*:*:*:*:*:* |
| cisco | vpn_client | 5.0.03.0530 | cpe:2.3:a:cisco:vpn_client:5.0.03.0530:*:*:*:*:*:*:* |
| cisco | vpn_client | 5.0.03.0560 | cpe:2.3:a:cisco:vpn_client:5.0.03.0560:*:*:*:*:*:*:* |
| cisco | vpn_client | 5.0.04.0300 | cpe:2.3:a:cisco:vpn_client:5.0.04.0300:*:*:*:*:*:*:* |
| cisco | vpn_client | 5.0.5 | cpe:2.3:a:cisco:vpn_client:5.0.5:*:*:*:*:*:*:* |
| cisco | vpn_client | 5.0.05.0290 | cpe:2.3:a:cisco:vpn_client:5.0.05.0290:*:*:*:*:*:*:* |
| cisco | vpn_client | 5.0.6 | cpe:2.3:a:cisco:vpn_client:5.0.6:*:*:*:*:*:*:* |
| cisco | vpn_client | 5.0.06.0160 | cpe:2.3:a:cisco:vpn_client:5.0.06.0160:*:*:*:*:*:*:* |
| cisco | vpn_client | 5.0.7 | cpe:2.3:a:cisco:vpn_client:5.0.7:*:*:*:*:*:*:* |
| cisco | vpn_client | 5.0.07.0290 | cpe:2.3:a:cisco:vpn_client:5.0.07.0290:*:*:*:*:*:*:* |
| cisco | vpn_client | 5.0.07.0410 | cpe:2.3:a:cisco:vpn_client:5.0.07.0410:*:*:*:*:*:*:* |
| cisco | vpn_client | 5.0.07.0440 | cpe:2.3:a:cisco:vpn_client:5.0.07.0440:*:*:*:*:*:*:* |