Local Privilege Escalation in Versa SASE Client for Windows
CVE-2025-34290

8.5 HIGH

Key Information:

Vendor
CVE Published: 20 December 2025

What is CVE-2025-34290?

The Versa SASE Client for Windows, in versions between 7.8.7 and 7.9.4, contains a vulnerability in its audit log export functionality that allows local authenticated attackers to escalate their privileges. The flaw arises from improper handling of user-controlled file paths within a privileged service, leading to potential exploitation via time-of-check time-of-use (TOCTOU) issues. By manipulating symbolic links and mount points, attackers can cause arbitrary directories, which may include sensitive system folders, to be deleted with SYSTEM privileges. This vulnerability underscores the importance of secure privilege management in software design to prevent unauthorized access and alterations.

Affected Version(s)

SASE Client for Windows Windows 7.8.7 < 7.9.5

CVSS V4

Score: 8.5
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Eduardo Pérez Malumbres Cervera from KPMG Spain.