Summary: A critical vulnerability in SonicWall’s Secure Mobile Access (SMA) 1000 Series VPN appliances is being actively exploited by hackers, prompting urgent advisories from cybersecurity experts. The vulnerability, tracked as CVE-2025-23006, has a severity rating of 9.8 out of 10, indicating a high risk for users. Companies are urged to upgrade to the latest hotfix to mitigate potential attacks.
Threat Actor: Unknown | unknown
Victim: SonicWall Users | sonicwall users
Keypoints :
- The vulnerability affects approximately 2,300 SonicWall devices exposed to the internet, primarily in the U.S., Germany, and Hong Kong.
- The Cybersecurity and Infrastructure Security Agency (CISA) has mandated civilian agencies to patch the vulnerability by February 14.
- SonicWall devices have a history of being targeted by ransomware groups and are frequently listed among exploited vulnerabilities.
Source: https://therecord.media/sonicwall-devices-exposed-zero-day