CVE-2021-20037

Summary

SonicWall Global VPN Client 4.10.5 installer (32-bit and 64-bit) incorrect default file permission vulnerability leads to privilege escalation which potentially allows command execution in the host operating system. This vulnerability impacts GVC 4.10.5 installer and earlier.

Affected Software

VendorProductVersion RangeStatus
SonicWallSonicWall Global VPN ClientGlobal VPN Client 4.10.5 and earlieraffected

Weaknesses

  • CWE-276: CWE-276: Incorrect Default Permissions

ADP Enrichment

CVE Program Container

Additional References

References