Privilege escalation in Sonicwall Sonicos

CVE-2024-53706

A vulnerability in the Gen7 SonicOS Cloud platform NSv, allows a remote authenticated local low-privileged attacker to elevate privileges to `root` and potentially lead to code execution.

Vulnerability class: Privilege Escalation

EPSS: 0.007 (71.3th percentile) — read the EPSS interpretation.

Affected products

Sonicwall Sonicos — versions 7.1.1-7058 and older versions, 7.1.2-7019

Weakness classification (CWE)

CWE-269 — Improper Privilege Management

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003 (vendor-advisory)