SFPMonitor.sys KOOB Write vulnerability

SonicWall Security Advisory

SonicWall Capture Client version 3.7.10 and NetExtender Client Windows client 10.2.337 and earlier versions are being installed with sfpmonitor.sys driver. The client applications communicate with the driver through queries. The driver method that handles those queries has Stack-based Buffer Overflow vulnerability that allows an attacker to craft a specific query to overwrite kernel memory, causing Denial of Service (DoS) which potentially leads to code execution in the target operating system.

SonicWall strongly advises Capture Client and SSL VPN NetExtender client users to upgrade to the latest release version.

CVE: CVE-2023-6340
Last updated: Jan. 17, 2024, 6:23 a.m.