SSL VPN Client Local DoS (CVE-2021-36809)

Severity: Medium
CVE(s): CVE-2021-36809
Updated:
Product: Sophos SSL VPN client
Publication ID: sophos-sa-20220303-sslvpn-local-dos
Article version: 1
First Published:
Workaround: No

Overview

A local privilege escalation vulnerability in the end-of-life Sophos SSL VPN client for Windows was discovered and responsibly disclosed to Sophos. It was reported via the Sophos bug bounty program by an external security researcher.

Sophos would like to thank Shachar Korot for responsibly disclosing the issue to Sophos.

The vulnerability allows a local attacker to overwrite arbitrary files on the system with VPN client logs using administrator privileges, potentially resulting in a denial of service and data loss.

Customers are required to migrate to Sophos Connect to remediate this issue. Sophos will not fix the vulnerability in the SSL VPN client.

Applies to the following Sophos product(s) and version(s)

  • Sophos SSL VPN client (all versions)

Remediation

  • Users of Sophos SSL VPN client are required to upgrade to the Sophos Connect v2 VPN client to remediate this issue