Critical Zero-Day Flaw in SonicWall SMA Devices Under Active Attack – Patch Now

Critical Zero-Day Flaw in SonicWall SMA Devices Under Active Attack - Patch Now

Critical Security Vulnerability Discovered in SonicWall SMA 1000 Series

SonicWall has identified a critical security vulnerability (CVE-2025-23006) affecting its Secure Mobile Access (SMA) 1000 Series appliances. The flaw, which carries a severe CVSS score of 9.8/10, is reportedly being exploited as a zero-day vulnerability in the wild.

The security issue stems from a pre-authentication deserialization vulnerability in both the Appliance Management Console (AMC) and Central Management Console (CMC). This flaw potentially allows unauthorized remote attackers to execute arbitrary OS commands on affected systems.

Key Points:
– Only affects SMA 1000 Series; Firewall and SMA 100 series remain unaffected
– Patch available in version 12.4.3-02854 (platform-hotfix)
– Discovered and reported by Microsoft Threat Intelligence Center (MSTIC)
– Active exploitation observed by threat actors

SonicWall urges customers to immediately implement the security patch and restrict AMC and CMC access to trusted sources only to mitigate potential risks.

Share This Article