CVE-2024-29014
July 18, 2024, 5:15 p.m.
Tags
Product(s) Impacted
SonicWall NetExtender Windows client
- 10.2.339 and earlier
Description
Vulnerability in SonicWall SMA100 NetExtender Windows (32 and 64-bit) client 10.2.339 and earlier versions allows an attacker to arbitrary code execution when processing an EPC Client update.
Weaknesses
CWE-94
Improper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
CWE ID: 94Date
Published: July 18, 2024, 8:15 a.m.
Last Modified: July 18, 2024, 5:15 p.m.
Status : Undergoing Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
PSIRT@sonicwall.com
References
https://psirt.global.sonicwall.com/
PSIRT@sonicwall.com