Sonicwall has issued a security advisory concerning multiple vulnerabilities discovered in its Netextender VPN client for Windows. The flaws could allow attackers to escalate their privileges and compromise system integrity.
According to the statement from Sonicwall developers, the vulnerabilities specifically affect the SSL-VPN software Netextender, with the Windows client being the primary concern. Both the 32-bit and 64-bit versions are impacted. The most critical vulnerability stems from inadequate permission management, which allows users with low-level privileges to alter configurations (CVE-2025-23008). This flaw has been rated as “high” severity with a CVSS score of 7.2.
Additional, Less Severe Vulnerabilities Identified
Aside from the most severe issue, Sonicwall identified two additional vulnerabilities. One of them allows malicious actors to manipulate file paths by exploiting a “link resolution before file access” weakness, commonly referred to as link tracking (CVE-2025-23010, CVSS 6.5, risk level “medium”). Another flaw permits attackers to escalate privileges and delete arbitrary files on the system (CVE-2025-23009, CVSS 5.9, risk level “medium”).
At present, there is no evidence that these vulnerabilities have been exploited in the wild. However, Sonicwall is urging all users of the Netextender Windows client to upgrade to the latest patched version of the software. These issues have been resolved in version 10.3.2 and later, for both 32-bit and 64-bit systems.
Elevated Risk for Sonicwall Products
Security flaws in Sonicwall products have historically been of high interest to cybercriminals due to their potential to provide unauthorised access to networks. In mid-February, Sonicwall firewalls were targeted by attackers following the release of proof-of-concept code for a separate vulnerability (CVE-2024-53704), which was also considered high-risk.
Given this context, users of Sonicwall products are strongly encouraged to apply available updates without delay to minimise the risk of exploitation.
