CVE-2020-5131: Input Validation
First published: Fri Jul 17 2020(Updated: )
SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows attacker to overwrite a DLL and execute code with the same privilege in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 9.0.815 and earlier.
Credit: PSIRT@sonicwall.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SonicWall NetExtender Windows | <=9.0.815 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2020-5131?
CVE-2020-5131 is a vulnerability in SonicWall NetExtender Windows client that allows an attacker to overwrite a DLL file and execute code with the same privilege in the host operating system.
How does CVE-2020-5131 affect SonicWall NetExtender Windows client?
CVE-2020-5131 affects SonicWall NetExtender Windows client version 9.0.815 and earlier.
What is the severity of CVE-2020-5131?
The severity of CVE-2020-5131 is high with a CVSS score of 7.8.
How can an attacker exploit CVE-2020-5131?
An attacker can exploit CVE-2020-5131 by overwriting a DLL file and executing code with the same privilege as the host operating system.
How can I protect my system from CVE-2020-5131?
To protect your system from CVE-2020-5131, it is recommended to update SonicWall NetExtender Windows client to a version higher than 9.0.815.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/event
- agent/tags
- agent/first-publish-date
- agent/type
- collector/mitre-cve
- source/MITRE
- vendor/sonicwall
- canonical/sonicwall netextender windows
- version/sonicwall netextender windows/9.0.815