Improper Link Resolution in SonicWall Connect Tunnel Client
CVE-2025-32817

6.1MEDIUM

Key Information:

Vendor: Sonicwall
Status: Connect Tunnel
Vendor: CVE Published:; 16 April 2025

Summary

A vulnerability has been identified in the SonicWall Connect Tunnel Windows client that allows for improper link resolution (CWE-59). This flaw can result in unauthorized file overwrites, potentially leading to a denial of service or corruption of files. Users of both the 32-bit and 64-bit versions of the SonicWall Connect Tunnel client should be aware of the risks posed by this vulnerability and take appropriate measures to secure their systems.

Affected Version(s)

Connect Tunnel Windows 12.4.3.283 and earlier versions

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-202...

vendor-advisory

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 16, 2025