CVE-2020-5147

Summary

SonicWall NetExtender Windows client vulnerable to unquoted service path vulnerability, this allows a local attacker to gain elevated privileges in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 10.2.300 and earlier.

Affected Software

VendorProductVersion RangeStatus
SonicWallSonicWall NetExtender10.2.300 and earlieraffected

Weaknesses

  • CWE-428: CWE-428: Unquoted Search Path or Element

ADP Enrichment

CVE Program Container

Additional References

References