What the vulnerability does

01Description

Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotes, so if a malicious binary by an attacker within the parent path could allow code execution.

Key dates

02Disclosure timeline

December 19, 2019 CVE published
August 4, 2024 Record updated