CVE-2025-23006

Published Jan 23, 2025

Last updated 14 days ago

Overview

Description
Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands.
Source
PSIRT@sonicwall.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Known exploits

Data from CISA

Vulnerability name
SonicWall SMA1000 Appliances Deserialization Vulnerability
Exploit added on
Jan 24, 2025
Exploit action due
Feb 14, 2025
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Weaknesses

PSIRT@sonicwall.com
CWE-502

Social media

Hype score
Not currently trending
  1. ♨️#TrendingPost: SonicWall Urges Instant Patch for Vital CVE-2025-23006 Flaw Amid Most probably Exploitation https://t.co/HM3AJ54NBZ #Tech4All #Breaking #BreakingNews #Trending #NewUpdate #TopNews #TrendingNow #NewsUpdate #News #Hunter #TrendingNews #USA #TikTok https://t.co/eXj

    @investfact

    7 Feb 2025

    47 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-23006: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Reportedly Exploited https://t.co/Nk6sUMNBEt https://t.co/z0l0nKQigf

    @NickBla41002745

    6 Feb 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Actively exploited CVE : CVE-2025-23006

    @transilienceai

    6 Feb 2025

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  4. Actively exploited CVE : CVE-2025-23006

    @transilienceai

    5 Feb 2025

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  5. CVE-2025-23006: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Reportedly Exploited https://t.co/66HyhLcxRH https://t.co/yjJ7YjkNJr

    @NickBla41002745

    3 Feb 2025

    62 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. 🚨 January 27 Advisory: #SonicWall RCE Vulnerability Added to CISA Known Exploited Vulnerabilities Catalog [CVE-2025-23006] https://t.co/vr8ru0kNEr via @censysio #infosec https://t.co/Kosr7jNZhe

    @jc_vazquez

    3 Feb 2025

    71 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  7. SonicWall SMA1000 の脆弱性 CVE-2025-23006 (CVSS 9.8) が FIX:悪用も検出 https://t.co/uZSUkHAVO8 SonicWall SMA1000 の脆弱性 CVE-2025-23006 ですが、すでに悪用が観測されているとのことです。パッチを取り込んだ修正バージョンがリリースされていますので、ご利用のチームは、ご確認ください。… https://t.co/g5DeBaespo

    @iototsecnews

    3 Feb 2025

    90 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. SonicWall Urges Immediate Pach for Critical CVE-2025-23006 Flaw Amid Likely Exploitation SonicWall is alerting customers of a critical security flaw impacting its Secure Mobile Access (SMA) 1000 Series appliances that it said has been likely exploited in the wild as a zero-day.

    @CwealthSentinel

    1 Feb 2025

    80 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. آسیب پذیری با کد شناسایی CVE-2025-23006 برای محصول SonicWall سری SMA1000 از نوع OS Command execution منتشر شده است. SonicWall از کاربران خود خواسته که در خصوص سری SMA1000 به نسخه 12.4.3-02854 و بالاتر به روز رسانی نمایند. https://t.co/Poz3aKY03t https://t.co/oVBobpJV6E

    @AmirHossein_sec

    30 Jan 2025

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. CVE-2025-23006: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Reportedly Exploited https://t.co/WHqsULe9bd https://t.co/ddhah97vTx

    @NickBla41002745

    29 Jan 2025

    53 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. CVE-2025-23006: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Reportedly Exploited https://t.co/oTTRE7UTiN https://t.co/NLXCC4oJcC

    @dansantanna

    28 Jan 2025

    31 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. SonicWall confirms exploitation of a critical vulnerability (CVE-2025-23006) in its SMA 1000 series. Patch 12.4.3-02854 is available. Attackers can execute commands without authentication. ⚠️ #SonicWall #USA #CyberThreat link: https://t.co/F4kzYiEeeO https://t.co/4ubzEzHmOb

    @TweetThreatNews

    28 Jan 2025

    47 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  13. 🚨 CVE-2025-23006 poses a serious risk to SonicWall 1000-series SMA VPNs, with a alarming CVSS score of 9.8. Unauthenticated remote code execution is confirmed. Protect systems ASAP! 🔒 #SonicWall #Vulnerability #USA link: https://t.co/C31NpgnxnN https://t.co/hTXyzVbD4K

    @TweetThreatNews

    28 Jan 2025

    35 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. #CyberAlerte | SonicWall a signalé que la vulnérabilité CVE-2025-23006 était exploitée. Nous recommandons aux utilisatrices·eurs et aux administratrices·eurs de suivre les mesures d’atténuation recommandées et d’appliquer les mises à jour nécessaires. https://t.co/kSxxprd2bT

    @centrecyber_ca

    27 Jan 2025

    46 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  15. #CyberAlert | SonicWall has reported that vulnerability CVE-2025-23006 has been exploited. The Cyber Centre encourages users and administrators to review and apply the necessary updates. https://t.co/QG6OCsVhVA

    @cybercentre_ca

    27 Jan 2025

    41 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. CVE-2025-23006: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Reportedly Exploited https://t.co/QXcOjkFA5j https://t.co/pTJPzgnoDL

    @pcasano

    27 Jan 2025

    20 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  17. CVE-2025-23006: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Reportedly Exploited https://t.co/m5wGmq8O2K https://t.co/wMoBZwbrCo

    @ggrubamn

    27 Jan 2025

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. CVE-2025-23006: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Reportedly Exploited https://t.co/1AitmGDR5m https://t.co/p3ufzyYFaR

    @NickBla41002745

    27 Jan 2025

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  19. “SonicWall SMA1000” cihazlarında kritik boşluq (CVE-2025-23006) aşkarlanıb. #ETX #certaz #cybersecurity #kibertəhlükəsizlik #xəbərdarlıq https://t.co/EOVjjT5hRz

    @CERTAzerbaijan

    27 Jan 2025

    45 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  20. Top 5 Trending CVEs: 1 - CVE-2025-23006 2 - CVE-2024-50050 3 - CVE-2024-43468 4 - CVE-2025-0282 5 - CVE-2025-21298 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    27 Jan 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  21. https://t.co/mksloZxLQq "The CISA has issued an urgent warning regarding a critical vulnerability, CVE-2025-23006, affecting SonicWall’s Secure Mobile Access (SMA) 1000 series appliances." #cybersecurity #cyberawareness #vulnerability #firewall

    @haxorman59

    27 Jan 2025

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  22. CISA が既知の悪用された脆弱性をカタログに追加 CISA Adds One Known Exploited Vulnerability to Catalog #CISA (Jan 24) - CVE-2025-23006 SonicWall SMA1000 アプライアンスのデシリアライゼーション脆弱性 https://t.co/ljM5qfyZWw

    @foxbook

    26 Jan 2025

    291 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  23. How to Fix CVE-2025-23006- A Critical Pre-Authentication Remote Command Execution Vulnerability in SMA1000 Appliance Management Console? https://t.co/KT3TZyBo47 https://t.co/LUNJEQqViw

    @TheSecMaster1

    26 Jan 2025

    876 Impressions

    6 Retweets

    12 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  24. 5/8 There's evidence of active exploitation for CVE-2025-23006. Don't wait, patch now to secure your network! #ActiveExploitation #SonicWallVulnerability 🔍

    @Eth1calHackrZ

    26 Jan 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  25. 4/8 @SonicWall has released patch 12.4.3-02854 for CVE-2025-23006. Update systems, review configurations and monitor logs. #CyberSecurityUpdate #SonicWallPatch 📊

    @Eth1calHackrZ

    26 Jan 2025

    21 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  26. 2/8 CVE-2025-23006 affects the SMA 1000 series up to version 12.4.3-02804. If you're running this, update to 12.4.3-02854 now! #PatchSonicWall #NetworkSecurity 🚨

    @Eth1calHackrZ

    26 Jan 2025

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  27. 1/8 @Microsoft has reported a critical zero-day vulnerability, CVE-2025-23006, in SonicWall SMA 1000 appliances. Immediate patching is critical. #SonicWallSecurity #CyberAlert 🔒 @msdev

    @Eth1calHackrZ

    26 Jan 2025

    28 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  28. Birçok güvenlik açığının varlığı endişe verici. Hangi platformu kullanıyor olursanız olun, güncel kalmak çok önemli. Güvenliğimizi ihmal etmemeliyiz. Kaynak: [CVE-2025-23006](https://t.co/JQRx0guaoJ)

    @adirabilisim

    25 Jan 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  29. 米国CISAが悪用を確認した脆弱性 #KEV をカタログに追加しました。 🛡️No.1252 CVE-2025-23006 SonicWall SMA1000 Appliances Deserialization Vulnerability ============= CVSSスコア:9.8 (Base) / CISA-ADP CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H… https://t.co/E66Nj4xsaB

    @piyokango

    25 Jan 2025

    5131 Impressions

    3 Retweets

    12 Likes

    4 Bookmarks

    0 Replies

    0 Quotes

  30. 🚨Alert🚨 CVE-2025-23006 : Zero-day vulnerability in SonicWall SMA series under attack 📊 958K+ Services are found on the https://t.co/uU0Jso1s2Q yearly. 🔗Hunter Link:https://t.co/fmQJXKthDk 👇Query HUNTER :https://t.co/GOuD7uBeYg="SonicWall Secure Mobile Access" FOFA :… https:/

    @y1659rsgh

    25 Jan 2025

    14 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  31. Kritieke kwetsbaarheid ontdekt in sonicwall sma1000-apparaten https://t.co/T6ziNK09gc #CVE-2025-23006 #SonicWall kwetsbaarheid #Cybersecurity #SMA1000 Appliances #Deserialisatie kwetsbaarheid #Trending #Tech #Nieuws

    @TrendingNewsBot

    25 Jan 2025

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  32. Mise en garde de la CISA sur l’exploitation d’une faille critique de sécurité SonicWall SMA1000 qui permet d’exécuter des commandes arbitraires sur le système d’exploitation (CVE-2025-23006). https://t.co/dDGXfMPzbH #.Code Arbitraire à Distance #.Exploitation #.Faille #CISA

    @NicolasCoolman

    25 Jan 2025

    18 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  33. 🚨 SonicWall urge a aplicar un parche inmediato para la vulnerabilidades crítica CVE-2025-23006 ⚠️ SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) Gravedad 9.8 sobre 10 https://t.co/ogGoHNKZeS… https://t.co/NBMhODKKNg

    @doncaptador

    25 Jan 2025

    17 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  34. 米国サイバーセキュリティ・社会基盤安全保障庁(CISA)が既知の悪用された脆弱性カタログにSonicWall SMA1000におけるデシリアライゼーション脆弱性CVE-2025-23006を追加。対処期限は通常の2/14。ランサムウェアによる悪用は不知。 https://t.co/ACqVqkGCQ5

    @__kokumoto

    25 Jan 2025

    1581 Impressions

    0 Retweets

    12 Likes

    3 Bookmarks

    1 Reply

    0 Quotes

  35. A critical flaw in SonicWall’s SMA 1000 allows remote, unauthenticated attackers to execute OS commands via AMC and CMC. SonicWall released hotfix 12.4.3-02854 to address the deserialization vulnerability (CVE-2025-23006). Update immediately.

    @Cyber_Sec_Raj

    25 Jan 2025

    33 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  36. SonicWall warns of a critical zero-day vulnerability (CVE-2025-23006) in SMA 1000 Series appliances, likely exploited in the wild, urging users to upgrade to the latest hotfix to mitigate risks. #CyberSecurity #ZeroDay https://t.co/qPTcDLdi14

    @Cyber_O51NT

    25 Jan 2025

    455 Impressions

    1 Retweet

    9 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  37. A critical vulnerability (CVE-2025-23006) affects over 2,000 SonicWall devices, with a severity rating of 9.8. Urgent patching is advised to prevent exploitation. 🌐🔒 #SonicWall #CISA #Germany link: https://t.co/B2PvoceBpF https://t.co/kswWbhSP0m

    @TweetThreatNews

    24 Jan 2025

    40 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  38. Microsoft advises orgs to download the security update provided by SonicWall to address CVE-2025-23006, a high-severity pre-authentication remote code execution vulnerability in SMA1000 Appliance Management Console (AMC) & Central Management Console (CMC) https://t.co/16DDQTk

    @MsftSecIntel

    24 Jan 2025

    9352 Impressions

    28 Retweets

    87 Likes

    20 Bookmarks

    5 Replies

    1 Quote

  39. CVE-2025-23006: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Reportedly Exploited https://t.co/Nsvi3r2yvF https://t.co/NEBBNHuVKh

    @secured_cyber

    24 Jan 2025

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  40. 🚨 Critical Alert: A zero-day vulnerability in SonicWall Secure Mobile Access (SMA) 1000 (CVE-2025-23006) has reportedly been exploited in the wild. Details from @TenableSecurity: 🔗 https://t.co/7Sej1hmPQb #CyberSecurity #ZeroDay #ThreatIntel

    @CyberseerNet

    24 Jan 2025

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  41. 🛡️ We added vulnerability CVE-2025-23006 affecting #SonicWall SMA1000 Appliance Management Console and Central Management Console to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org. #Cybersecurity #InfoSec ht

    @CISACyber

    24 Jan 2025

    5666 Impressions

    30 Retweets

    63 Likes

    4 Bookmarks

    6 Replies

    1 Quote

  42. CVE-2025-23006: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Reportedly Exploited https://t.co/Hg094mNvMG https://t.co/0TP1JftbzY

    @Art_Capella

    24 Jan 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  43. SonicWall Security Alert: Critical Zero-Day Bug Triggers Digital Panic Hot Take: Well, it seems the SMA 1000 Series appliances are having a bit of a midlife crisis. SonicWall just introduced them to CVE-2025-23006, a zero-day vulnerability that's already out mingling in the… ht

    @TheNimbleNerd

    24 Jan 2025

    35 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  44. 🚨Alert🚨 CVE-2025-23006 : Zero-day vulnerability in SonicWall SMA series under attack 📊 958K+ Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/eZhUUsHeGI 👇Query HUNTER :https://t.co/q9rtuGfZuz="SonicWall Secure Mobile Access" FOFA :… https:/

    @HunterMapping

    24 Jan 2025

    146 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  45. CVE-2025-23006: Deserialization of Untrusted Data in SonicWall SMA1000, 9.8 rating 🔥 Pre-auth deserialization of untrusted data vuln was detected in SMA1000 components Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/qb2Xe4HmGa #cybersecurity #vulnerability_map https:

    @Netlas_io

    24 Jan 2025

    506 Impressions

    2 Retweets

    9 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  46. Threat Alert: SonicWall flags critical bug likely exploited as zero-day, rolls out hotfix CVE-2025-23006 Severity: ⚠️ Critical Maturity: 💥 Mainstream Learn more: https://t.co/tvbh0bmmAX #CyberSecurity #ThreatIntel #InfoSec

    @fletch_ai

    24 Jan 2025

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  47. 🚨 CVE Alert: SonicWall SMA1000 Remote Command Execution Vulnerability Exploited In the wild🚨 Vulnerability Details: CVE-2025-23006 (CVSS 9.8/10) SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC Remote Command Execution Vulnerability… htt

    @CyberxtronTech

    24 Jan 2025

    87 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  48. CVE-2025-23006: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Reportedly Exploited https://t.co/PIXmqnfvvq https://t.co/0kso2FhAnU

    @NickBla41002745

    24 Jan 2025

    34 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  49. CVE-2025-23006: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Reportedly Exploited https://t.co/sPE8f9gcaB https://t.co/iSbJJeOnfL

    @Trej0Jass

    24 Jan 2025

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  50. Zero-day (CVE-2025-23006) in SonicWall SMA1000: Using Shodan, I found 2,494 devices online, with 215 exposing management interfaces affected by this vulnerability. https://t.co/8mm78ZmGKF https://t.co/uuI1tOylAF

    @nekono_naha

    24 Jan 2025

    819 Impressions

    1 Retweet

    13 Likes

    1 Bookmark

    0 Replies

    0 Quotes

Configurations