Security News > 2025 > January > SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)

A critical zero-day vulnerability (CVE-2025-23006) affecting SonicWall Secure Mobile Access (SMA) 1000 Series appliances is being exploited by attackers. “We strongly advises users of the SMA1000 product to upgrade to the hotfix release version to address the vulnerability,” the company said on Wednesday. About CVE-2025-23006 SonicWall Secure Mobile Access (SMA) is a unified secure access gateway used by organizations to provide employees access to applications from anywhere. The SMA 1000 series of appliances is aimed … More → The post SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006) appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2025/01/23/sonicwall-sma-1000-exploited-zero-day-cve-2025-23006/
Related news
- SonicWall warns of SMA1000 RCE flaw exploited in zero-day attacks (source)
- 5,000+ SonicWall firewalls still open to attack (CVE-2024-53704) (source)
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) (source)
- Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks (source)
- Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) (source)
- Ivanti warns of new Connect Secure flaw used in zero-day attacks (source)
- Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282) (source)
- Ivanti zero-day attacks infected devices with custom malware (source)
- Fortinet Warns of New Zero-Day Used in Attacks on Firewalls with Exposed Interfaces (source)
- Fortinet fixes FortiOS zero-day exploited by attackers for months (CVE-2024-55591) (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2025-01-23 | CVE-2025-23006 | Unspecified vulnerability in Sonicwall products Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands. | 9.8 |