Vulnerability Details CVE-2023-44220
SonicWall NetExtender Windows (32-bit and 64-bit) client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. Successful exploitation via a local attacker could result in command execution in the target system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.6%
CVSS Severity
CVSS v3 Score 7.3
References
Products affected by CVE-2023-44220
-
cpe:2.3:a:sonicwall:netextender:-
-
cpe:2.3:a:sonicwall:netextender:10.2.300
-
cpe:2.3:a:sonicwall:netextender:10.2.322
-
cpe:2.3:a:sonicwall:netextender:10.2.336
-
cpe:2.3:a:sonicwall:netextender:7.5
-
cpe:2.3:a:sonicwall:netextender:7.5.226
-
cpe:2.3:a:sonicwall:netextender:7.5.227
-
cpe:2.3:a:sonicwall:netextender:8.0
-
cpe:2.3:a:sonicwall:netextender:8.0.236
-
cpe:2.3:a:sonicwall:netextender:8.0.238
-
cpe:2.3:a:sonicwall:netextender:9.0.815