`

Free delivery

UK Sales: 0330 1340 230

HAPPY CHRISTMAS TO EVERYONE!

*** Our warehouse will be closed from 1pm on 24th December, then reopen on 5th January, so any hardware orders received after Wednesday 24th will be despatched on Monday 5th January ***

*** Software & subscription orders will still be processed between Xmas and New Year but they may take a little longer due to reduced levels of staff here, and at SonicWall. Apologies for any inconvenience ***

SonicWall Global VPN Client (GVC) Update

28/04/2022
by Paul Heritage

SonicWall PSIRT has worked with engineering and product teams to confirm and correct three vulnerabilities associated with the SonicWall Global VPN Client (GVC), two of which impact the included client installer. Successful exploitation via a privileged user could potentially result in command execution in the target system.

IMPORTANT: There is no evidence that these vulnerabilities are being exploited in the wild. The three vulnerabilities can only be exploited after the adversary gains control of the machine, has admin privilege or is able to place malicious files on the machine.

SonicWall strongly urges that organizations using 32- and 64-bit GVC versions in their networks carefully review the knowledge base (KB) article and follow guidance for upgrade.

OVERVIEW

Advisory ID: SNWLID-2021-0036

Product(s): SonicWall Global VPN Client (GVC)

Issue: GVC DLL Search Order Hijacking

CVSS: 7.7 (High)

Impacted Version(s): GVC 4.10.7.1117 and earlier (32- & 64-bit version)

Fixed Version(s): GVC 4.10.7.1424 (32- & 64-bit version)

Notes: There are different mitigation steps for 32- and 64-bit GVC versions. Please read the KB article carefully to resolve issues to your specific version.

READ SUPPORT ADVISORY

IMPORTANT: Adhering to industry best practices, SonicWall does not provide support (e.g., technical support, firmware updates/upgrades, hardware replacements) for products that have reached End-of-Support (EOS) status. View the SonicWall Product Lifecycle Table for more information.