CVE-2025-23006

Description

Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands.

From the Tenable Blog

CVE-2025-23006: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Reportedly Exploited

Published: 2025-01-23

A zero-day vulnerability in SonicWall’s Secure Mobile Access (SMA) 1000 was reportedly exploited in the wild according to researchers.

References

https://www.securityweek.com/sonicwall-confirms-exploitation-of-new-sma-zero-day/

https://hackread.com/sonicwall-sma-appliances-exploited-zero-day-attacks/

https://www.cisa.gov/news-events/alerts/2025/01/24/cisa-adds-one-known-exploited-vulnerability-catalog

https://therecord.media/sonicwall-devices-exposed-zero-day

https://www.theregister.com/2025/01/23/sonicwall_critical_bug/

https://www.tenable.com/blog/cve-2025-23006-sonicwall-secure-mobile-access-sma-1000-zero-day-reportedly-exploited

https://www.securityweek.com/sonicwall-learns-from-microsoft-about-potentially-exploited-zero-day/

https://www.helpnetsecurity.com/2025/01/23/sonicwall-sma-1000-exploited-zero-day-cve-2025-23006/

https://www.bleepingcomputer.com/news/security/sonicwall-warns-of-sma1000-rce-flaw-exploited-in-zero-day-attacks/

https://thehackernews.com/2025/01/sonicwall-urges-immediate-patch-for.html

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3