Description
Versa SASE Client for Windows versions released between 7.8.7 and 7.9.4 contain a local privilege escalation vulnerability in the audit log export functionality. The client communicates user-controlled file paths to a privileged service, which performs file system operations without impersonating the requesting user. Due to improper privilege handling and a time-of-check time-of-use race condition combined with symbolic link and mount point manipulation, a local authenticated attacker can coerce the service into deleting arbitrary directories with SYSTEM privileges. This can be exploited to delete protected system folders such as C:\Config.msi and subsequently achieve execution as NT AUTHORITY\SYSTEM via MSI rollback techniques.
INFO
Published Date: 2025-12-20T20:01:42.552Z
Last Modified: 2025-12-22T16:17:23.123Z
Source: VulnCheck
AFFECTED PRODUCTS
The following products are affected by the CVE-2025-34290 vulnerability.
| Vendors | Products |
|---|---|
| Microsoft | |
| Versa-networks | |
REFERENCES
Here, you will find a curated list of external links that provide in-depth information on CVE-2025-34290.