CVE-2025-32817: A Improper Link Resolution vulnerability (CWE-59) in the SonicWall Connect Tunnel Windows (32 and 64 bit) client, this results in unauthorized file...

Description

A Improper Link Resolution vulnerability (CWE-59) in the SonicWall Connect Tunnel Windows (32 and 64 bit) client, this results in unauthorized file overwrite, potentially leading to denial of service or file corruption.

Classification

CVE ID: CVE-2025-32817

Problem Types

CWE-59 Improper Link Resolution Before File Access ('Link Following')

Affected Products

Vendor: SonicWall

Product: Connect Tunnel

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.02% (probability of being exploited)

EPSS Percentile: 3.28% (scored less or equal to compared to others)

EPSS Date: 2025-04-18 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-32817
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0007

Timeline

2025-04-16 20:40:12 UTC
CVE

A Improper Link Resolution vulnerability (CWE-59) in the SonicWall Connect Tunnel Windows (32 and 64 bit) client, this results in unauthorized file...