What the vulnerability does

01Description

A vulnerability in the Gen7 SonicOS Cloud platform NSv, allows a remote authenticated local low-privileged attacker to elevate privileges to `root` and potentially lead to code execution.

Key dates

02Disclosure timeline

January 9, 2025 CVE published
February 26, 2026 Record updated