Versa Networks · Versa SASE Client for Windows · CVE-2025-34290
**Name of the Vulnerable Software and Affected Versions**
Versa SASE Client for Windows versions 7.8.7 through 7.9.4
**Description**
The software contains a local privilege escalation issue in the audit log export functionality. The client sends user-controlled file paths to a privileged service, which then performs file system operations without using the requesting user's permissions. A time-of-check time-of-use race condition, combined with symbolic link and mount point manipulation, allows a local authenticated attacker to make the service delete arbitrary directories with SYSTEM privileges. This can lead to the deletion of protected system folders, such as `C:\Config.msi`, and subsequent execution as `NT AUTHORITY\SYSTEM` through MSI rollback techniques.
**Recommendations**
Update installations of Versa SASE Client for Windows that are running a version prior to 7.9.5.
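
To find endpoints that fall in the affected range stated above, the following inventory check can be run on each Windows host. It is an added example, not code from Versa Networks or from the original advisory. It assumes the client registers a standard uninstall entry whose `DisplayName` contains "Versa" and "SASE"; the `$NamePattern` value and the `Test-AffectedVersion` helper are hypothetical names introduced here.

```powershell
# Added example: flag installs in the advisory's affected range (7.8.7 - 7.9.4).
# ASSUMPTION: the uninstall entry's DisplayName matches this pattern; adjust as needed.
$NamePattern   = '*Versa*SASE*'
$FirstAffected = [version]'7.8.7'
$LastAffected  = [version]'7.9.4'

function Test-AffectedVersion {
    param([string]$DisplayVersion)
    # Keep only the leading dotted-numeric part; return $null if there is none.
    if ($DisplayVersion -notmatch '^\s*(\d+(\.\d+){1,3})') { return $null }
    $parsed = $null
    if (-not [version]::TryParse($Matches[1], [ref]$parsed)) { return $null }
    # Compare on major.minor.build only: [version]'7.9.4.0' sorts above
    # [version]'7.9.4', which would wrongly put 7.9.4.0 outside the range.
    $v = [version]::new($parsed.Major, $parsed.Minor, [Math]::Max($parsed.Build, 0))
    return ($v -ge $FirstAffected -and $v -le $LastAffected)
}

# Standard per-machine uninstall locations (64-bit and 32-bit views).
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like $NamePattern } |
    ForEach-Object {
        $affected = Test-AffectedVersion $_.DisplayVersion
        if ($null -eq $affected) { $status = 'unknown version' }
        elseif ($affected)       { $status = 'AFFECTED (7.8.7 - 7.9.4)' }
        else                     { $status = 'outside stated range' }

        [pscustomobject]@{
            Computer = $env:COMPUTERNAME
            Name     = $_.DisplayName
            Version  = $_.DisplayVersion
            Status   = $status
        }
    }
```

No output means no matching uninstall entry was found, which can also mean the name pattern does not match how the product is registered on that host.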