What the vulnerability does

01Description

SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and earlier versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service (DoS) caused by Stack-based Buffer Overflow vulnerability.

Key dates

02Disclosure timeline

January 17, 2024 CVE published
June 11, 2025 Record updated