claytonvantol.us
SESSION: secure TLS: 1.3 PID: 1337

clayton@site:~/news$ cat cve-2025-23006-sonicwall-sma1000-appliances.log

CVE-2025-23006 — SonicWall SMA1000 Appliances Deserialization Vulnerability

2025-01-24 • CISA Known Exploited Vulnerability

[event] SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) contain a deserialization of untrusted data vulnerability, which can enable a remote, unauthenticated attacker to execute arbitrary OS commands.

> AFFECTED SOFTWARE

Field Value
Vendor SonicWall
Product SMA1000 Appliances
CWE CWE-502
CVE ID CVE-2025-23006
Date Added 2025-01-24
Due Date 2025-02-14
Ransomware Campaign Known — this vulnerability has been leveraged in ransomware campaigns

> MITIGATION

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Due Date: 2025-02-14

> REFERENCES

← back to terminal

UPTIME: 1337d v2.0.1 privacy LAST LOGIN: 2026-05-30 20:36:09 UTC