A critical zero-day vulnerability in SonicWall’s SMA1000 series is being actively exploited by attackers, posing significant security risks. This flaw allows remote, unauthenticated attackers to execute arbitrary OS commands, potentially compromising affected systems.
The vulnerability, identified as CVE-2025-23006, was discovered by the Microsoft Threat Intelligence Center (MSTIC) and reported to SonicWall. It affects the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), enabling attackers to exploit deserialization of untrusted data. This vulnerability does not impact SonicWall Firewall or SMA 100 series products.
SonicWall has released a patch and provided mitigation recommendations. Organizations are urged to update to the latest firmware version (12.4.3-02854) and restrict access to the AMC and CMC interfaces to trusted sources only. Additionally, network monitoring tools should be employed to detect any unusual activity.
#CyTech #cybernews #cybersecurity #ciso #cisoworkplace #vulnerability #SonicWall
Leave a Reply