Rewterz Threat Alert – Gafgyt aka Bashlite Malware – Active IOCs
October 4, 2023Rewterz Threat Advisory – CVE-2023-5346 – Google Chrome Vulnerability
October 4, 2023Rewterz Threat Alert – Gafgyt aka Bashlite Malware – Active IOCs
October 4, 2023Rewterz Threat Advisory – CVE-2023-5346 – Google Chrome Vulnerability
October 4, 2023Severity
High
Analysis Summary
CVE-2023-44217 CVSS:7.9
SonicWall Net Extender Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the repair function. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain system privileges.
CVE-2023-44218 CVSS:9.8
SonicWall Net Extender Windows could allow a remote attacker to gain elevated privileges on the system, caused by a flaw in the Pre-Logon feature function. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain system privileges.
Impact
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2023-44217
- CVE-2023-44218
Affected Vendors
Sonicwall
Affected Products
- SonicWall NetExtender Windows 10.2.336
Remediation
Refer to SonicWall Security Advisory for patch, upgrade or suggested workaround information.