Summary: SonicWall has acknowledged a critical remote command execution vulnerability (CVE-2025-23006) affecting its Secure Mobile Access (SMA) 1000 series products, which may have been actively exploited. The vulnerability allows unauthenticated attackers to execute arbitrary OS commands under specific conditions. SonicWall has released a patch and urges customers to update their systems immediately to mitigate the risk.
Threat Actor: Unknown | unknown
Victim: SonicWall | SonicWall
Keypoints :
- The vulnerability is related to untrusted data deserialization in the Appliance Management Console and Central Management Console.
- Version 12.4.3-02804 and earlier are affected; users are advised to upgrade to version 12.4.3-02854.
- Microsoft’s Threat Intelligence Center reported the vulnerability but has not disclosed specific details about any ongoing exploitation.
Source: https://www.securityweek.com/sonicwall-learns-from-microsoft-about-potentially-exploited-zero-day/