Summary: SonicWall has issued a warning regarding a critical pre-authentication deserialization vulnerability (CVE-2025-23006) in its SMA1000 Appliance Management Console, which has reportedly been exploited as a zero-day in attacks. This flaw allows remote unauthenticated attackers to execute arbitrary OS commands, affecting all firmware versions up to 12.4.3-02804. Users are urged to upgrade to the latest hotfix to mitigate risks associated with this vulnerability.
Threat Actor: Unknown
Victim: SonicWall SMA1000 users
Keypoints:
- Vulnerability CVE-2025-23006 has a critical CVSS score of 9.8 and affects all firmware versions up to 12.4.3-02804.
- SonicWall recommends upgrading to version 12.4.3-02854 or later to address the vulnerability.
- Germany’s CERT-Bund has also urged system administrators to update immediately to mitigate risks.