PT-2025-52564 · Versa Networks · Versa Sase Client For Windows

Eduardo Pérez Malumbres Cervera · Published 2025-12-20 · Updated 2025-12-21 · CVE-2025-34290

CVSS v4.0: 8.5 High

Vector: AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions: Versa SASE Client for Windows versions 7.8.7 through 7.9.4

Description: The software contains a local privilege escalation issue in the audit log export functionality. The client sends user-controlled file paths to a privileged service, which then performs file system operations without using the requesting user's permissions. A time-of-check time-of-use race condition, combined with symbolic link and mount point manipulation, allows a local authenticated attacker to make the service delete arbitrary directories with SYSTEM privileges. This can lead to the deletion of protected system folders, such as C:\Config.msi, and subsequent execution as NT AUTHORITY\SYSTEM through MSI rollback techniques.

Recommendations: Update Versa SASE Client for Windows versions prior to 7.9.5.

Fix

LPE

Time Of Check To Time Of Use

Weakness Enumeration

Related Identifiers: CVE-2025-34290

Affected Products: Versa Sase Client For Windows