2 matches found
CVE-2020-5148
SonicWall SSO-agent vulnerability CVE-2020-5148 occurs when NetAPI is used as the client probing method. NetAPI probing can allow an attacker to capture the privileged user’s password hash via NetWkstaUserEnum and may force the SSO-Agent to authenticate, potentially bypassing firewall access cont...
CVE-2023-44219
CVE-2023-44219 describes a local privilege escalation in SonicWall Directory Services Connector Windows MSI client, affected versions 4.1.21 and earlier. The root cause is exploitation via the client’s recovery feature, enabling a local low-privileged user to obtain system privileges (high impact...