![]() ![]() The GVC installer doesn’t remove problematic RarSFX folder and its content after installation. ![]() Command execution in the target system needs to be executed with administrator privileges. These vulnerabilities require user interaction and running of the vulnerable installer. A vulnerable installer component (RunMSI.exe) is vulnerable to a total of 15 variations of the DLL Search Order Hijacking. ![]() All vulnerable DLL components are located in the RunMSI.exe part of the installer. Successful exploitation via a privileged user could result in command execution in the target system. SonicWall strongly urges that organizations using the Global VPN Client (GVC) in your network follow the guidance below. The vulnerabilities can’t be exploited on a clean system. All three vulnerabilities can only be exploited after the adversary gains control of the machine, has admin privilege or is able to place malicious files on the machine. There is no evidence that these vulnerabilities are being exploited in the wild. Only the 32-bit version of GVC is vulnerable. While first two vulnerabilities apply to the installer, this one is in the application itself.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |