SonicWall Warns of Vulnerabilities in NetExtender Windows Client

SonicWall has issued a warning regarding serious security vulnerabilities affecting its NetExtender Windows client, which could enable attackers to escalate their privileges within the system.

According to a security advisory from the manufacturer, the primary concern lies with the Windows version of the SSL-VPN software, NetExtender. The most critical risk is attributed to inadequate privilege management, affecting both 32-bit and 64-bit versions of the software. Attackers possessing low-level permissions may exploit this flaw to alter configurations, categorized under CVE-2025-23008, with a CVSS score of 7.2, indicating a high risk level.

Additionally, malicious actors can manipulate file paths due to a vulnerability related to link resolution prior to file access or link tracking, identified as CVE-2025-23010, with a CVSS score of 6.5, classified as medium risk. A further vulnerability, CVE-2025-23009, allows attackers to enhance their privileges, enabling them to delete arbitrary files from the system, with a CVSS score of 5.9, also considered medium risk.

Currently, there are no reported incidents of these vulnerabilities being exploited in the wild. However, SonicWall strongly advises users of the NetExtender Windows client to promptly update to the corrected software version. The security issues are resolved in version 10.3.2 and later for both the 32-bit and 64-bit versions of NetExtender.

Given that vulnerabilities in SonicWall products typically grant attackers access to networks, it is crucial for users to take these warnings seriously. In February, for example, cybercriminals targeted SonicWall firewalls following the release of proof-of-concept code for a different vulnerability, CVE-2024-53704, which was also rated as high risk. Organizations utilizing SonicWall products should ensure that they apply available updates without delay to safeguard against potential attacks.