A newly disclosed security flaw, tracked as CVE-2025-32817, has been identified in the SonicWall Connect Tunnel Windows Client, potentially exposing organizations to unauthorized file overwrites, denial of service (DoS), and file corruption.
The vulnerability, classified under CWE-59 (Improper Link Resolution Before File Access), affects both 32-bit and 64-bit versions of the client up to version 12.4.3.283.
Technical Overview
The vulnerability arises from improper link resolution, where the software fails to adequately validate file names before accessing them.
Specifically, the client does not prevent a filename from identifying a symbolic link or shortcut that could resolve to an unintended or unauthorized resource.
This flaw allows a local attacker with low privileges to craft malicious links, leading to the overwriting of arbitrary files on the system, potentially causing denial of service or file corruption.
Vulnerability Details Table
| Advisory ID | CVE ID | CWE ID | CVSS v3 Base Score | CVSS Vector | Affected Versions | Fixed Version |
|---|---|---|---|---|---|---|
| SNWLID-2025-0007 | CVE-2025-32817 | CWE-59 | 6.1 (Medium) | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H | 12.4.3.283 and prior | 12.4.3.298 and later |
CVSS Vector Breakdown:
- AV:L (Attack Vector: Local)
- AC:L (Attack Complexity: Low)
- PR:L (Privileges Required: Low)
- UI:N (User Interaction: None)
- S:U (Scope: Unchanged)
- C:N (Confidentiality: None)
- I:L (Integrity: Low)
- A:H (Availability: High)
Exploitability and Impact
The CVSS base score for this vulnerability is 6.1, indicating a medium severity risk.
The exploit prediction scoring system (EPSS) estimates a low likelihood (0.01%) of exploitation in the next 30 days.
However, if exploited, attackers could overwrite critical files, leading to service disruptions or data corruption.
Notably, this vulnerability does not impact confidentiality but poses significant risks to system integrity and availability.
Mitigation and Recommendations
There is currently no workaround for this vulnerability.
SonicWall has released a patched version, 12.4.3.298, which addresses the issue.
Users of affected versions are strongly advised to upgrade to the latest version immediately to mitigate potential risks.
Products Not Affected
It is important to note that only the Windows client is vulnerable.
SonicWall Connect Tunnel clients for Linux and Mac are not affected by CVE-2025-32817.
Summary Table: Affected and Fixed Versions
| Platform | Affected Versions | Fixed Version |
|---|---|---|
| Windows (32/64) | 12.4.3.283 and prior | 12.4.3.298 and later |
| Linux/Mac | Not affected | Not affected |
Organizations using SonicWall Connect Tunnel Windows Client should prioritize updating to the fixed version to prevent exploitation of this improper link resolution vulnerability.
Prompt patching is essential to maintain the integrity and availability of critical systems.
Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant updates
%20(1).webp?w=1200&resize=1200,0&ssl=1&description=The vulnerability, classified under CWE-59, affects both 32-bit and 64-bit versions of the client up to version 12.4.3.283.){kind=link}