- Products
- Network Security
- Threat Protection
- Secure Access Service Edge (SASE)
- Cloud Security
- Endpoint Security
- Email Security
- Secure Access
-
Wi-Fi 6 Access Points
SonicWall SonicWave 600 series access points provide always-on, always-secure connectivity for complex, multi-device environments.
Read More
- Solutions
- Industries
- Use Cases
- Solutions Widgets
- Solutions Content Widgets
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
- Solutions Image Widgets
-
- Partners
- SonicWall Partners
- Partner Resources
- Partner Widgets
- Custom HTML : Partners Content WIdgets
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
- Partners Image Widgets
-
- Support
- Support
- Resources
- Capture Labs
- Support Widget
- Custom HTML : Support Content WIdgets
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
- Support Image Widgets
-
- COMPANY
- PROMOTIONS
- MANAGED SERVICES
- Contact Sales
-
- Menu
- Solutions
- Solutions Widgets
- Solutions Image Widgets
-
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
-
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
-
- Support Widget
- Solutions
- Solutions Widgets
- Solutions Image Widgets
-
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
-
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
-
- Support Widget
SonicWall Notice Concerning Privilege Escalation Vulnerability in the Windows NetExtender client (CVE-2015-4173)
First Published:08/25/2015
Last Updated:12/20/2019
SonicWALL Notice Concerning Privilege Escalation Vulnerability in the Windows NetExtender client (CVE-2015-4173)
Dear Customer,
A vulnerability CVE-2015- 4173, affects a Registry key used by SonicWALL NetExtender client for Windows exposes the system to a binary planting attack that can be triggered upon login. A malicious binary placed in a specific system folder by a low-privileged user could result in code execution upon an Administrator login.
SonicWALL SMB SRA
NetExtender version | NetExtender 8.0.236 or earlier NetExtender 7.5.226 or earlier |
Recommended Action | NetExtender 8.0.238 (or newer) is included in the SRA Firmware 8.0.0.3-23sv |
Reported by
Andrew J. Smith, Security Analyst, Sword & Shield Enterprise Security (http://www.swordshield.com)
Additional Information
The latest 8.0 and 7.5 firmware versions are available for download on www.mysonicwall.com. Please contact SonicWALL Tech Support for any issues in applying this security update.
