SonicWall warns of critical vulnerability in SMA1000 appliances
/ 1 min read
🔧 SonicWall issues critical warning over zero-day vulnerability in SMA1000 appliances. A pre-authentication deserialization flaw, tracked as CVE-2025-23006 and rated critical with a CVSS score of 9.8, has been exploited in attacks against SonicWall’s SMA1000 Appliance Management Console and Central Management Console. This vulnerability allows remote unauthenticated attackers to execute arbitrary OS commands and affects all firmware versions up to 12.4.3-02804. SonicWall advises users to upgrade to the hotfix release version 12.4.3-02854 to mitigate risks. The flaw does not impact SMA 100 series products, and Germany’s CERT-Bund has urged immediate updates. With over 2,380 SMA1000 devices exposed online, the urgency for patching is heightened, especially given the critical role these appliances play in secure remote access for organizations.
