Product Notice: Capture Client 3.7.10 & NetExtender 10.2.337 affected by SFPMONITOR.SYS KOOB Write vulnerability

Overview

• CVE-2023-6340: Stack-based Buffer Overflow Vulnerability
  
  • CVSS Score: 8.2

SonicWall Capture Client version 3.7.10 and NetExtender Client Windows client 10.2.337, including earlier versions are installed with sfpmonitor.sys driver.  The driver method that handles communication from applications has been found to be susceptible to a Stack-based Buffer Overflow vulnerability.

Impact: Successfully leveraging CVE-2023-6340 against any Capture Client and NetExtender [MG1] versions for Windows OS can result in a Stack-based Buffer Overflow vulnerability which allows an attacker to craft a specific query to overwrite kernel memory, causing Denial of Service (DoS), potentially leading to code execution in the target operating system.

IMPORTANT: SonicWall is not aware of active exploitation in the wild. There have not been any reports of malicious use of this vulnerability reported to SonicWall. 

Product Impact

Please review the table below to see the products and their versions that are impacted:

Remediation

Update February 9,2024: The latest version of NetExtender for Windows, version 10.2.339, has addressed an issue where users had to uninstall the current version before upgrading. Users can now upgrade to the latest version (10.2.339) without having to uninstall the previous version.

SonicWall strongly advises Capture Client and SSL VPN NetExtender client users to upgrade to the latest release version, by uninstalling the current version and installing the updated version.

Related information

• SNWLID-2023-6340
• CVE-2023-6340
• PSIRT Portal
• How to upgrade Capture Client automatically using Client Policy?