Sonicwall Netextender: Security vulnerabilities jeopardize Windows client
Sonicwall warns of security vulnerabilities in the Netextender Windows client. Attackers can escalate their privileges, for example.
Security vulnerabilities in the VPN software Netextender could allow attackers to escalate their privileges, for example. Manufacturer Sonicwall is currently warning about them.
In the security advisory, the Sonicwall developers write that the Windows client of the SSL VPN software Netextender is affected. The greatest risk comes from inadequate privilege management in Sonicwall Netextender Windows, in both the 32-bit and 64-bit versions. Attackers with low privileges can change configurations (CVE-2025-23008, CVSS 7.2, risk "high").
Netextender: Less threatening vulnerabilities
Malicious actors can also manipulate file paths. This is based on a vulnerability of the type "link resolution before file access" or "link following", as Sonicwall writes (CVE-2025-23010, CVSS 6.5, risk "medium"). A third vulnerability allows attackers to escalate their privileges and thereby delete arbitrary files on the system (CVE-2025-23009, CVSS 5.9, risk "medium").
Sonicwall currently has no knowledge of any of these vulnerabilities being abused. Nevertheless, the manufacturer urgently advises users of the Sonicwall Netextender Windows client to update to the fixed software version. Netextender Windows, 32- and 64-bit, version 10.3.2 and newer, fixes the vulnerabilities.
As Sonicwall vulnerabilities can usually give attackers access to networks, these vulnerabilities are very popular with cybercriminals. In mid-February, for example, attackers targeted Sonicwall firewalls. Shortly after the publication of proof-of-concept code for a security vulnerability (CVE-2024-53704, risk "high"), attacks on this vulnerability became known. Anyone using Sonicwall products should therefore install the available updates as soon as possible.
(dmk)