CVE-2021-20047

Summary

SonicWall Global VPN client version 4.10.6 (32-bit and 64-bit) and earlier have a DLL Search Order Hijacking vulnerability. Successful exploitation via a local attacker could result in remote code execution in the target system.

Affected Software

VendorProductVersion RangeStatus
SonicWallSonicWall Global VPN ClientGlobal VPN Client 4.10.6 and earlieraffected

Weaknesses

  • CWE-427: CWE-427: Uncontrolled Search Path Element

ADP Enrichment

CVE Program Container

Additional References

References