Overview
SonicWall Capture Client version 3.7.10 and NetExtender Windows client version 10.2.337, along with earlier versions of both, are installed with the sfpmonitor.sys driver. The driver method that handles communication from applications has been found to be susceptible to a stack-based buffer overflow vulnerability.
Impact: Successfully leveraging CVE-2023-6340 against any Capture Client and NetExtender versions for Windows OS triggers a stack-based buffer overflow that allows an attacker to craft a specific query to overwrite kernel memory, causing Denial of Service (DoS) and potentially leading to code execution in the target operating system.
IMPORTANT: SonicWall is not aware of active exploitation in the wild. No malicious use of this vulnerability has been reported to SonicWall.
Please review the table below to see the products and their versions that are impacted:
Impacted Product(s) | Impacted OS | Impacted Versions |
Capture Client | Windows | 3.7.10 and earlier versions |
NetExtender | Windows | 10.2.337 and earlier versions |
Update February 9, 2024: The latest version of NetExtender for Windows, version 10.2.339, has addressed an issue where users had to uninstall the current version before upgrading. Users can now upgrade to the latest version (10.2.339) without having to uninstall the previous version.
Impacted Product(s) | Impacted OS | Impacted Versions | Fixed Version |
Capture Client | Windows | 3.7.10 and earlier versions | 3.7.11 for Windows |
NetExtender | Windows | 10.2.337 and earlier versions | 10.2.338 for Windows |
SonicWall strongly advises Capture Client and SSL VPN NetExtender client users to upgrade to the latest release version, by uninstalling the current version and installing the updated version.
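To find hosts that still need the upgrade, the following PowerShell check compares installed versions against the fixed versions in the table above and looks for a loaded sfpmonitor.sys driver. It is an added example, not SonicWall tooling; the DisplayName patterns used to match the products in the uninstall registry keys are assumptions and may need adjusting for your installs.

```powershell
# Fixed versions come from the advisory table. The DisplayName patterns are
# assumptions about how the products register themselves on the host.
$products = @(
    @{ Name = 'Capture Client'; Pattern = '*Capture Client*'; Fixed = [version]'3.7.11' },
    @{ Name = 'NetExtender';    Pattern = '*NetExtender*';    Fixed = [version]'10.2.338' }
)

# Check both the native and the 32-bit uninstall views.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)
$installed = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -and $_.DisplayVersion }

$report = foreach ($p in $products) {
    foreach ($app in ($installed | Where-Object { $_.DisplayName -like $p.Pattern })) {
        $v = $null
        if (-not [version]::TryParse($app.DisplayVersion, [ref]$v)) {
            $status = 'Unknown (check manually)'   # version string not parseable
        } elseif ($v -lt $p.Fixed) {
            $status = 'Vulnerable'
        } else {
            $status = 'Fixed'
        }
        [pscustomobject]@{
            Product   = $p.Name
            Installed = $app.DisplayVersion
            FixedIn   = $p.Fixed.ToString()
            Status    = $status
        }
    }
}

# Match the driver by image path so no service name has to be assumed.
$driver = Get-CimInstance -ClassName Win32_SystemDriver |
    Where-Object { $_.PathName -like '*sfpmonitor.sys' } |
    Select-Object Name, State, PathName

$report | Format-Table -AutoSize
if ($driver) {
    $driver | Format-List
    if (-not $report) {
        Write-Warning 'sfpmonitor.sys is registered but no matching product was found; review this host manually.'
    }
} else {
    Write-Output 'sfpmonitor.sys driver not registered on this host.'
}
```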