SonicWall has released security updates to address multiple vulnerabilities affecting its SMA 1000 series SSL-VPN appliances and the Connect Tunnel Windows client. These flaws include CVE-2024-45316, a local privilege escalation vulnerability (CVSS score 7.8) that allows standard users to delete arbitrary folders and files. Another critical vulnerability, CVE-2024-45317 (CVSS score 7.2), involves server-side request forgery (SSRF), which could expose internal resources. A third flaw, CVE-2024-45315, may lead to a denial-of-service attack. While no active exploitation has been reported, SonicWall urges users to update to the latest patched versions.