SonicWall is alerting customers of a critical security flaw impacting its Secure Mobile Access (SMA) 1000 Series appliances that it said has likely been exploited in the wild as a zero-day.
The vulnerability, tracked as CVE-2025-23006, is rated 9.8 out of a maximum of 10.0 on the CVSS scoring system.
“Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands,” the company said in an advisory.

It is worth noting that CVE-2025-23006 does not affect its Firewall and SMA 100 series products. The flaw has been addressed in version 12.4.3-02854 (platform-hotfix).
SonicWall also said that it has been notified of “possible active exploitation” by unspecified threat actors, necessitating that customers apply the fixes as soon as possible to prevent potential attack attempts.
The company credited the Microsoft Threat Intelligence Center (MSTIC) with discovering and reporting the security shortcoming.
“To minimize the potential impact of the vulnerability, please ensure that you restrict access to trusted sources for the Appliance Management Console (AMC) and Central Management Console (CMC),” the company recommended.