HIGHπŸ‡΅πŸ‡± Wersja polska

CVE-2023-44218

CVSS 8.8v3.1pub. 2023-10-03upd. 2024-11-21

A flaw within the SonicWall NetExtender Pre-Logon feature enables an unauthorized user to gain access to the host Windows operating system with 'SYSTEM' level privileges, leading to a local privilege escalation (LPE) vulnerability.

CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Sonicwall Netextender

    APP
    Sonicwall
    ≀ 10.2.336
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
LPE
CWE
References

Related vulnerabilities

CVE-2024-29014HIGH8.8ten sam produkt

Vulnerability in SonicWall SMA100 NetExtender Windows (32 and 64-bit) client 10.2.339 and earlier versions all...

CVE-2023-44220HIGH7.3ten sam produkt

SonicWall NetExtender Windows (32-bit and 64-bit) client 10.2.336 and earlier versions have a DLL Search Order...

CVE-2023-44217HIGH7.8ten sam produkt

A local privilege escalation vulnerability in SonicWall Net Extender MSI client for Windows 10.2.336 and earl...

CVE-2022-22281HIGH7.8ten sam produkt

A buffer overflow vulnerability in the SonicWall SSL-VPN NetExtender Windows Client (32 and 64 bit) in 10.2.32...

CVE-2020-5131HIGH7.8ten sam produkt

SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows attacker to...

CVE-2023-44218 β€” Sonicwall β€” Netextender β€” HIGH β€” CVSS 8.8 | CVEbaza.pl