CVE-2025-23009

Summary

A local privilege escalation vulnerability in SonicWall NetExtender Windows (32 and 64 bit) client which allows an attacker to trigger an arbitrary file deletion.

Affected Software

VendorProductVersion RangeStatus
SonicWallNetExtender10.3.1 and earlier versionsaffected

Weaknesses

  • CWE-250: CWE-250 Execution with Unnecessary Privileges

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References