CVE-2021-20047
First published: Wed Dec 08 2021(Updated: )
SonicWall Global VPN client version 4.10.6 (32-bit and 64-bit) and earlier have a DLL Search Order Hijacking vulnerability. Successful exploitation via a local attacker could result in remote code execution in the target system.
Credit: PSIRT@sonicwall.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SonicWALL GLobal VPN Client | <=4.10.6 | |
| SonicWALL GLobal VPN Client | <=4.10.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this SonicWall Global VPN client vulnerability?
The vulnerability ID for this SonicWall Global VPN client vulnerability is CVE-2021-20047.
What is the severity of CVE-2021-20047?
CVE-2021-20047 has a severity rating of 7.8, which is considered high.
What is the affected software for CVE-2021-20047?
The affected software for CVE-2021-20047 is SonicWall Global VPN client version 4.10.6 (32-bit and 64-bit) and earlier.
What is the impact of CVE-2021-20047?
Successful exploitation of CVE-2021-20047 could result in remote code execution in the target system.
Is there a fix available for CVE-2021-20047?
Yes, SonicWall has released a fix for CVE-2021-20047. It is recommended to update to the latest version of SonicWall Global VPN client to mitigate the vulnerability.
- collector/nvd-index
- agent/weakness
- agent/author
- agent/severity
- agent/references
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/sonicwall
- canonical/sonicwall global vpn client
- version/sonicwall global vpn client/4.10.6