CVE-2025-23007

Published: Jan 30, 2025

Modified: Apr 17, 2025

PUBLISHED

Description

A vulnerability in the NetExtender Windows client log export function allows unauthorized access to sensitive Windows system files, potentially leading to privilege escalation.

Vendor	Product	Versions
SonicWall	NetExtender	affected `10.3.0`

Weaknesses (CWE)

CWE-269

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0005

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-23007

Description

Affected Products

Weaknesses (CWE)

References