Summary
A vulnerability rated “Critical” has been discovered in SonicWall Secure Mobile Access (SMA) 1000 Series products. This vulnerability, if successfully exploited, could allow a remote attacker to execute arbitrary code on the target devices.
Note: The vendor states that the vulnerability could be actively exploited over a network.
Risk
Community Impact Estimate: Critical (79.23)
Type
- Remote Code Execution
Affected Products and/or Versions
SMA1000
- Appliance Management Console (AMC), version 12.4.3-02804 (platform-hotfix) and earlier
- Central Management Console (CMC), version 12.4.3-02804 (platform-hotfix) and earlier
Mitigation Actions
In line with the vendor’s statement, it is recommended that vulnerable products be updated as per the security bulletin in the References section.
References
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002
1This estimate is made taking into account several parameters, including: CVSS, availability of patches/workarounds and PoC, diffusion of the affected software/devices in the reference community.
