Critical Flaw in SonicWALL Connect Tunnel Enables DoS Attacks

A newly disclosed security flaw, tracked as CVE-2025-32817, has been identified in the SonicWall Connect Tunnel Windows Client, potentially exposing organizations to unauthorized file overwrites, denial of service (DoS), and file corruption.

The vulnerability, classified under CWE-59 (Improper Link Resolution Before File Access), affects both 32-bit and 64-bit versions of the client up to version 12.4.3.283.

Technical Overview

The vulnerability arises from improper link resolution, where the software fails to adequately validate file names before accessing them.

Specifically, the client does not prevent a filename from identifying a symbolic link or shortcut that could resolve to an unintended or unauthorized resource.

This flaw allows a local attacker with low privileges to craft malicious links, leading to the overwriting of arbitrary files on the system, potentially causing denial of service or file corruption.
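The bug class described above (CWE-59), shown as a vulnerable write beside a hardened one. This is an added example, not SonicWall's code or its fix. It is a POSIX illustration that assumes a platform with O_NOFOLLOW; the file names are constructed, and on Windows the analogous control is opening the path with FILE_FLAG_OPEN_REPARSE_POINT and validating the handle before writing.

```python
import errno
import os
import stat
import tempfile

def naive_write(path, data):
    """Vulnerable pattern (CWE-59): open() resolves a link planted at path."""
    with open(path, "wb") as fh:
        fh.write(data)

def safe_write(path, data):
    """Hardened pattern: refuse links, validate the opened handle, then write."""
    # No O_TRUNC here: nothing is modified until the handle has been checked.
    flags = os.O_WRONLY | os.O_CREAT | os.O_NOFOLLOW
    try:
        fd = os.open(path, flags, 0o600)
    except OSError as exc:
        if exc.errno in (errno.ELOOP, errno.EMLINK):
            raise PermissionError(f"refusing to follow link at {path}") from exc
        raise
    with os.fdopen(fd, "wb") as fh:
        st = os.fstat(fh.fileno())
        if not stat.S_ISREG(st.st_mode) or st.st_nlink != 1:  # non-regular or extra hard links
            raise PermissionError(f"unexpected file type or hard link at {path}")
        fh.truncate(0)
        fh.write(data)

def demo():
    """Constructed scenario: a link sits where a writer expects its own file."""
    with tempfile.TemporaryDirectory() as tmp:
        victim = os.path.join(tmp, "critical.cfg")   # file that must not change
        planted = os.path.join(tmp, "client.log")    # path the writer trusts
        naive_write(victim, b"ORIGINAL")
        os.symlink(victim, planted)
        naive_write(planted, b"log line")            # follows the link
        with open(victim, "rb") as fh:
            after_naive = fh.read()
        naive_write(victim, b"ORIGINAL")             # reset for the second run
        try:
            safe_write(planted, b"log line")
            blocked = False
        except PermissionError:
            blocked = True
        with open(victim, "rb") as fh:
            after_safe = fh.read()
    return after_naive, blocked, after_safe

if __name__ == "__main__":
    print(demo())
```

The hardened writer checks the opened handle rather than the path, so there is no window between the check and the write in which the final path component can be swapped.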

Vulnerability Details Table

  • Advisory ID: SNWLID-2025-0007
  • CVE ID: CVE-2025-32817
  • CWE ID: CWE-59
  • CVSS v3 Base Score: 6.1 (Medium)
  • CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  • Affected Versions: 12.4.3.283 and prior
  • Fixed Version: 12.4.3.298 and later

CVSS Vector Breakdown:

  • AV:L (Attack Vector: Local)
  • AC:L (Attack Complexity: Low)
  • PR:L (Privileges Required: Low)
  • UI:N (User Interaction: None)
  • S:U (Scope: Unchanged)
  • C:N (Confidentiality: None)
  • I:L (Integrity: Low)
  • A:H (Availability: High)

Exploitability and Impact

The CVSS base score for this vulnerability is 6.1, indicating a medium severity risk.

The Exploit Prediction Scoring System (EPSS) estimates a low likelihood (0.01%) of exploitation in the next 30 days.

However, if exploited, attackers could overwrite critical files, leading to service disruptions or data corruption.

Notably, this vulnerability does not impact confidentiality but poses significant risks to system integrity and availability.

Mitigation and Recommendations

There is currently no workaround for this vulnerability.

SonicWall has released a patched version, 12.4.3.298, which addresses the issue.

Users of affected versions are strongly advised to upgrade to the latest version immediately to mitigate potential risks.

Products Not Affected

It is important to note that only the Windows client is vulnerable.

SonicWall Connect Tunnel clients for Linux and Mac are not affected by CVE-2025-32817.

Summary Table: Affected and Fixed Versions

Platform | Affected Versions | Fixed Version
Windows (32/64) | 12.4.3.283 and prior | 12.4.3.298 and later
Linux/Mac | Not affected | Not affected

Organizations using SonicWall Connect Tunnel Windows Client should prioritize updating to the fixed version to prevent exploitation of this improper link resolution vulnerability.

Prompt patching is essential to maintain the integrity and availability of critical systems.

The post Critical Flaw in SonicWALL Connect Tunnel Enables DoS Attacks appeared first on Cyber Security News.

rssfeeds-admin
