SonicWall NetExtender Windows Privilege Escalation Vulnerability via Unauthorized SYSTEM File Access

Vulnerability

A vulnerability in the log export function of the NetExtender Windows client allows unauthorized access to sensitive Windows system files, which could lead to privilege escalation. The issue is present in NetExtender Windows version 10.3.0, in both the 32-bit and 64-bit clients. NetExtender Windows 10.2.x versions and Linux-based NetExtender clients are not affected.

Impact

Exploitation of this vulnerability could result in local privilege escalation, allowing a user to gain elevated rights on the system.

Remediation

Users can upgrade to NetExtender Windows version 10.3.1 or higher to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 1.2
impact: 2.5
exploitability: 3.3
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.