CVE-2025-23009

CVSS v3.1

7.2

High

Vector

AV:P/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions SonicWall NetExtender versions (affected versions not specified)

Description A local privilege escalation vulnerability in the SonicWall NetExtender Windows client allows an attacker to trigger an arbitrary file deletion. This issue is related to insufficient access control in the client.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

LPE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-250

Related Identifiers

BDU:2025-04591

CVE-2025-23009

Affected Products

Sonicwall Netextender

CVE-2025-23009

Weakness Enumeration

Related Identifiers

Affected Products

References · 16