cbcvebase.
CVE-2023-44220
published 2023-10-27

CVE-2023-44220: SonicWall NetExtender Windows (32-bit and 64-bit) client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL…

PriorityP434high7.3CVSS 3.1
AVLACLPRLUIRSUCHIHAH
EPSS
0.29%
21.1th percentile
SonicWall NetExtender Windows (32-bit and 64-bit) client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. Successful exploitation via a local attacker could result in command execution in the target system.

Affected

3 ranges
VendorProductVersion rangeFixed in
sonicwallnetextender<= 10.2.336
sonicwallnetextender
sonicwallnetextender
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.