Arbitrary File Overwrite Vulnerability in Sophos SSL VPN Client

Arbitrary File Overwrite Vulnerability in Sophos SSL VPN Client

CVE-2021-36809 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

A local attacker can overwrite arbitrary files on the system with VPN client logs using administrator privileges, potentially resulting in a denial of service and data loss, in all versions of Sophos SSL VPN client.

Learn more about our Cis Benchmark Audit For Sophos.