- Description
- An improper privilege management vulnerability in the SonicWall NetExtender Windows (32 and 64 bit) client allows a low privileged attacker to modify configurations.
- Source
- PSIRT@sonicwall.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 7.2
- Impact score
- 6
- Exploitability score
- 0.5
- Vector string
- CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
- Severity
- HIGH
- PSIRT@sonicwall.com
- CWE-250
- Hype score
- Not currently trending
🔧 SonicWall fixes a high-severity flaw (CVE-2025-23008) in its NetExtender VPN client that lets authenticated users change config settings. Update to v10.3.2 ASAP to stay secure. https://t.co/XqImeJHxwW #VPNsecurity #VPN #sonicwall
@dCypherIO
14 Apr 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-23008, CVE-2025-23009, CVE-2025-23010 SonicWall NetExtender Windows Client Multiple Vulnerabilities https://t.co/AUjHg3QoHE
@autumn_good_35
14 Apr 2025
625 Impressions
0 Retweets
2 Likes
1 Bookmark
1 Reply
0 Quotes
🚨 CVE-2025-23008 🔴 HIGH (7.2) 🏢 SonicWall - NetExtender 🏗️ 10.3.1 and earlier versions 🔗 https://t.co/AqObxBj1Hv #CyberCron #VulnAlert #InfoSec https://t.co/levseg2See
@cybercronai
12 Apr 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
آسیب پذیری اول دارای کد شناسایی CVE-2025-23008 از نوع alter configurations ، آسیب پذیری دوم با کد شناسایی CVE-2025-23009 از نوع privilege escalation و آسیب پذیری سوم با کد شناسایی CVE-2025-23010 و از نوع manipulate file paths می باشد. https://t.co/Poz3aKY03t https://t.co/EztAUnc5
@AmirHossein_sec
11 Apr 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-23008 An improper privilege management vulnerability in the SonicWall NetExtender Windows (32 and 64 bit) client allows a low privileged attacker to modify configurations. https://t.co/orjaGX8wce
@CVEnew
10 Apr 2025
245 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes