CVE-2025-23006

critical-risk

Published 2025-01-23

Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands.

Do I need to act?

58.5% chance of exploitation in next 30 days

EPSS score — higher than 42% of all CVEs

CISA KEV: actively exploited in the wild

On the Known Exploited Vulnerabilities catalog — federal agencies must patch

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 9.8/10 Critical

NETWORK / LOW complexity

Affected Products (8)

Sma8200V

Sma6200 Firmware

Sma6210 Firmware

Sma7200 Firmware

Sma7210 Firmware

Sra Ex6000 Firmware

Sra Ex7000 Firmware

Sra Ex9000 Firmware

Affected Vendors

Sonicwall

References (2)

Vendor Advisory https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002

US Government Resource https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-...

/ 100

critical-risk

Severity 32/34 · Critical

Exploitability 25/34 · High

Exposure 14/34 · Moderate