CVE-2024-53706 | THREATINT

Description

A vulnerability in the Gen7 SonicOS Cloud platform NSv, allows a remote authenticated local low-privileged attacker to elevate privileges to `root` and potentially lead to code execution.

PUBLISHED Reserved 2024-11-22 | Published 2025-01-09 | Updated 2025-01-09 | Assigner sonicwall

Problem types

CWE-269 Improper Privilege Management

Product status

Default status

unknown

7.1.1-7058 and older versions

affected

7.1.2-7019

affected

Credits

Daan Keuper, Thijs Alkemade and Khaled Nassar of Computest Security through Trend Micro (Zero Day Initiative) reporter

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003 vendor-advisory

cve.org (CVE-2024-53706)

nvd.nist.gov (CVE-2024-53706)

Download JSON