CVE-2025-23006

SonicWall SMA1000 Appliances Deserialization Vulnerability

Severity Score

9.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

Yes

*KEV

Decision

Act

*SSVC

Descriptions

Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands.

Se ha identificado una vulnerabilidad de deserialización de datos no confiables antes de la autenticación en SMA1000 Appliance Management Console (AMC) y Central Management Console (CMC), que en condiciones específicas podría permitir que un atacante remoto no autenticado ejecute comandos arbitrarios del sistema operativo.

SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) contain a deserialization of untrusted data vulnerability, which can enable a remote, unauthenticated attacker to execute arbitrary OS commands.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Act

Exploitation

Active

Automatable

Yes

Tech. Impact

Total

* Organization's Worst-case Scenario

Timeline

2025-01-09 CVE Reserved
2025-01-23 CVE Published
2025-01-24 Exploited in Wild
2025-02-14 KEV Due Date
2025-03-18 CVE Updated
2025-04-01 EPSS Updated
---------- First Exploit

CWE

CWE-502: Deserialization of Untrusted Data

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002	2025-01-23

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Sonicwall Search vendor "Sonicwall"		Sma8200v Search vendor "Sonicwall" for product "Sma8200v"				*		-		Affected
Sonicwall Search vendor "Sonicwall"		Sma1000 Search vendor "Sonicwall" for product "Sma1000"				*		-		Affected
Sonicwall Search vendor "Sonicwall"		Sma6200 Firmware Search vendor "Sonicwall" for product "Sma6200 Firmware"				*		-		Affected
Sonicwall Search vendor "Sonicwall"		Sma6210 Firmware Search vendor "Sonicwall" for product "Sma6210 Firmware"				*		-		Affected
Sonicwall Search vendor "Sonicwall"		Sma7200 Firmware Search vendor "Sonicwall" for product "Sma7200 Firmware"				*		-		Affected
Sonicwall Search vendor "Sonicwall"		Sma7210 Firmware Search vendor "Sonicwall" for product "Sma7210 Firmware"				*		-		Affected
Sonicwall Search vendor "Sonicwall"		Sra Ex6000 Firmware Search vendor "Sonicwall" for product "Sra Ex6000 Firmware"				*		-		Affected
Sonicwall Search vendor "Sonicwall"		Sra Ex7000 Firmware Search vendor "Sonicwall" for product "Sra Ex7000 Firmware"				*		-		Affected
Sonicwall Search vendor "Sonicwall"		Sra Ex9000 Firmware Search vendor "Sonicwall" for product "Sra Ex9000 Firmware"				*		-		Affected