Security News > 2025 > January > SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)

SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)
2025-01-23 08:57

A critical zero-day vulnerability (CVE-2025-23006) affecting SonicWall Secure Mobile Access (SMA) 1000 Series appliances is being exploited by attackers. “We strongly advises users of the SMA1000 product to upgrade to the hotfix release version to address the vulnerability,” the company said on Wednesday. About CVE-2025-23006 SonicWall Secure Mobile Access (SMA) is a unified secure access gateway used by organizations to provide employees access to applications from anywhere. The SMA 1000 series of appliances is aimed … More → The post SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006) appeared first on Help Net Security.


News URL

https://www.helpnetsecurity.com/2025/01/23/sonicwall-sma-1000-exploited-zero-day-cve-2025-23006/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2025-01-23 CVE-2025-23006 Deserialization of Untrusted Data vulnerability in Sonicwall products
Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands.
network
low complexity
sonicwall CWE-502
critical
 9.8
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Sonicwall 121 0 41 74 41 156
SMA 44 0 1 9 8 18