Rewterz Threat Alert – APT MustangPanda – Active IOCs
December 9, 2021Rewterz Threat Advisory – Multiple IBM Db2 and WebSphere Application Server Vulnerabilities
December 10, 2021Rewterz Threat Alert – APT MustangPanda – Active IOCs
December 9, 2021Rewterz Threat Advisory – Multiple IBM Db2 and WebSphere Application Server Vulnerabilities
December 10, 2021Severity
Medium
Analysis Summary
CVE-2021-20047
SonicWall Global VPN Client could allow a remote attacker to execute arbitrary code on the system, caused by an uncontrolled search path element. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Affected Vendors
Sonicwall
Affected Products
- SonicWALL Global VPN Client 4.0 2-51e Standard
- SonicWALL Global VPN Client 4.0 2-51e Enhanced
- SonicWALL Global VPN Client 4.0 830
- SonicWALL Global VPN Client 4.0 782
- SonicWALL Global VPN Client 4.0.0.835
- SonicWall Global VPN client 4.10.4.0314
- SonicWall Global VPN Client 4.10.5
Remediation
Refer to SonicWall Security Advisory for patch, upgrade or suggested workaround information.