CVE-2021-20037
7.8HIGH
Key Information
- Vendor
- Sonicwall
- Status
- Sonicwall Global Vpn Client
- Vendor
- CVE Published:
- 21 September 2021
Summary
SonicWall Global VPN Client 4.10.5 installer (32-bit and 64-bit) incorrect default file permission vulnerability leads to privilege escalation which potentially allows command execution in the host operating system. This vulnerability impacts GVC 4.10.5 installer and earlier.
Affected Version(s)
SonicWall Global VPN Client = Global VPN Client 4.10.5 and earlier
Refferences
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database