
SonicWall warns of a critical CVE-2025-23006 zero-day likely exploited in the wild

  • January 24, 2025
  • 1 reply
  • 10 views

Jasper_The_Rasper
Moderator

January 24, 2025 By Pierluigi Paganini

SonicWall warns customers of a critical zero-day vulnerability in SMA 1000 Series appliances, likely exploited in the wild.

SonicWall is warning customers of a critical security vulnerability, tracked as CVE-2025-23006 (CVSS score of 9.8), impacting its Secure Mobile Access (SMA) 1000 Series appliances. The vulnerability is a pre-authentication deserialization of untrusted data issue in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) that has likely been exploited in attacks in the wild as a zero-day.

“Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands,” reads the advisory. “IMPORTANT: SonicWall PSIRT has been notified of possible active exploitation of the referenced vulnerability by threat actors. We strongly advise users of the SMA1000 product to upgrade to the hotfix release version to address the vulnerability.”

>>Full Article<<

1 reply

TripleHelix
Moderator
  • January 24, 2025

More info here: