CRITICAL🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2025-23006

CVSS 9.8v3.1pub. 2025-01-23upd. 2025-10-31

Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Sonicwall Sma6200

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Sma6200 Firmware

    OS
    Sonicwall
    < 12.4.3-02854
  • Sonicwall Sma6210

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Sma6210 Firmware

    OS
    Sonicwall
    < 12.4.3-02854
  • Sonicwall Sma7200

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Sma7200 Firmware

    OS
    Sonicwall
    < 12.4.3-02854
  • Sonicwall Sma7210

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Sma7210 Firmware

    OS
    Sonicwall
    < 12.4.3-02854
  • Sonicwall Sma8200v

    APP
    Sonicwall
    < 12.4.3-02854
  • Sonicwall Sra Ex6000

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Sra Ex6000 Firmware

    OS
    Sonicwall
    ≤ 12.4.3-02804
  • Sonicwall Sra Ex7000

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Sra Ex7000 Firmware

    OS
    Sonicwall
    ≤ 12.4.3-02804
  • Sonicwall Sra Ex9000

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Sra Ex9000 Firmware

    OS
    Sonicwall
    ≤ 12.4.3-02804

CISA KEV — detailsi

Vendori
SonicWall
Producti
SMA1000 Appliances
Added to KEVi
January 24, 2025
Remediation deadline (US Federal)i
February 14, 2025(overdue)
Ransomwarei
Active ransomware campaigns exploit this vulnerability
Required action (CISA)i

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

CISA descriptioni

SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) contain a deserialization of untrusted data vulnerability, which can enable a remote, unauthenticated attacker to execute arbitrary OS commands.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
☠️WYKORZYSTYWANE W RANSOMWARECISA DEADLINE: 14 lutego 2025
Tags
Auth BypassDeserialization
CWE
References

Related vulnerabilities

CVE-2026-4112HIGH7.2ten sam produkt

Improper neutralization of special elements used in an SQL command (“SQL Injection”) in SonicWall SMA1000 seri...

CVE-2026-4113HIGH7.2ten sam produkt

An observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote at...

CVE-2026-4116HIGH7.2ten sam produkt

Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSL...

CVE-2025-40602MEDIUM6.6⚠ KEVten sam produkt

A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 applianc...

CVE-2026-4114MEDIUM6.6ten sam produkt

Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSL...