New Vulnerability in SONICWALL GLOBAL VPN

Wednesday, October 28, 2020, 13:36 GMT

SonicWall Global VPN client versions 4.10.4.0314 and older are vulnerable to unstable library loading (DLL hijacking).

Effective exploitation could lead to the execution of remote code in the target device.

SOLUTION:

Upgrade application to version 4.10.5.1021

Sonicwall.com
Advisory IDSNWLID-2020-0021
First Published2020-10-28
Last Updated2020-10-28
Workaroundfalse
StatusApplicable
CVECVE-2020-5145
CWECWE-427
CVSS v38.5
CVSS VectorCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H

References:

CveMitre

Sonicwall

psirt.global.sonicwall.com/