CVE-2021-20037
published 2021-09-21CVE-2021-20037: SonicWall Global VPN Client 4.10.5 installer (32-bit and 64-bit) incorrect default file permission vulnerability leads to privilege escalation which…
PriorityP339high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.40%
32.2th percentile
SonicWall Global VPN Client 4.10.5 installer (32-bit and 64-bit) incorrect default file permission vulnerability leads to privilege escalation which potentially allows command execution in the host operating system. This vulnerability impacts GVC 4.10.5 installer and earlier.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sonicwall | global_vpn_client | <= 4.10.5 | — |
| sonicwall | sonicwall_global_vpn_client | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-m3j4-rxwq-wxv7: SonicWall Global VPN Client 4
ghsa_unreviewed·2022-05-24
CVE-2021-20037 [HIGH] CWE-276 GHSA-m3j4-rxwq-wxv7: SonicWall Global VPN Client 4
SonicWall Global VPN Client 4.10.5 installer (32-bit and 64-bit) incorrect default file permission vulnerability leads to privilege escalation which potentially allows command execution in the host operating system. This vulnerability impacts GVC 4.10.5 installer and earlier.
SonicWall
CVE-2021-20037: SonicWall Global VPN Client 4.10.5 installer (32-bit and 64-bit) incorrect default file permission vulnerability leads to privilege escalation which p
vendor_sonicwall·2021-09-21·CVSS 7.8
CVE-2021-20037 [HIGH] CWE-276 CVE-2021-20037: SonicWall Global VPN Client 4.10.5 installer (32-bit and 64-bit) incorrect default file permission vulnerability leads to privilege escalation which p
CVE-2021-20037: SonicWall Global VPN Client 4.10.5 installer (32-bit and 64-bit) incorrect default file permission vulnerability leads to privilege escalation which potentially allows command execution in the host operating system. This vulnerability impacts GVC 4.10.5 installer and earlier.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2021-09-21
Published