CVE-2020-5145

8.6HIGH

Key Information

Vendor: Sonicwall
Status: Sonicwall Global Vpn Client
Vendor: CVE Published:; 28 October 2020

Summary

SonicWall Global VPN client version 4.10.4.0314 and earlier have an insecure library loading (DLL hijacking) vulnerability. Successful exploitation could lead to remote code execution in the target system.

Affected Version(s)

SonicWall Global VPN Client = 4.10.4.0314 and earlier

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published.
Oct 28, 2020
Vulnerability Reserved.
Dec 31, 2019

Collectors

NVD DatabaseMitre Database