CVE-2020-5145
HIGHSonicWall Global VPN Client < 4.10.4.0314 - Remote Code Execution via DLL Hijacking
Title source: llmDescription
SonicWall Global VPN client version 4.10.4.0314 and earlier have an insecure library loading (DLL hijacking) vulnerability. Successful exploitation could lead to remote code execution in the target system.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0021
Scores
CVSS v3
8.6
EPSS
0.0017
EPSS Percentile
37.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Details
CWE
CWE-427
Status
published
Products (1)
sonicwall/global_vpn_client
< 4.10.4.0314
Published
Oct 28, 2020
Tracked Since
Feb 18, 2026