SonicWall.SSLVPN.EndPoint.Installer.ActiveX.Control.Access

description-logoDescription

This indicates an attack attempt to exploit a buffer overflow vulnerability in SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX control.
The vulnerability is located in the Installer ActiveX control through miss-use of "Install3rdPartyComponent" method. It may allow remote attackers to execute
arbitrary code in the context of the application using the affected ActiveX control. Failed exploit attempts will likely cause the program to crash,
resulting in a denial of service condition.

affected-products-logoAffected Products

SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX Control version 10.5.1.117

Impact logoImpact

System compromise

recomended-action-logoRecommended Actions

Refer to the vendor's web site for suggested work around.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-01-11 16.995