CVE-2025-23006 - SonicWall SMA1000 Appliances Deserialization Vulnerability

SonicWall | SMA1000 Appliances

• Date Added:
• 2025-01-24

• Due Date:
• 2025-02-14

Vulnerability Name

SonicWall SMA1000 Appliances Deserialization Vulnerability

Description

SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) contain a deserialization of untrusted data vulnerability, which can enable a remote, unauthenticated attacker to execute arbitrary OS commands.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002 ; https://nvd.nist.gov/vuln/detail/CVE-2025-23006

Top Security News

Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)

Bitbucket services “hard down” due to major worldwide outage

SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation

Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025

Windows Server 2025 released—here are the new features

Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure

U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Salt Typhoon

TikTok is back up in the US after Trump says he will extend deadline

Top Alert List

Content Security Policy (CSP) Header Not Set

CSP

MediumAbsence of Anti-CSRF Tokens

MediumMissing Anti-clickjacking Header

MediumContent Security Policy (CSP) Header Not Set

InformationalInformation Disclosure - Suspicious Comments

InformationalModern Web Application

LowCross-Domain JavaScript Source File Inclusion

InformationalRe-examine Cache-control Directives

LowCSP: X-Content-Security-Policy

Latest CVE List

CVE-2025-23006 SonicWall SMA1000 Appliances Deserialization Vulnerability

CVE-2020-11023 JQuery Cross-Site Scripting (XSS) Vulnerability

CVE-2024-50603 Aviatrix Controllers OS Command Injection Vulnerability

CVE-2024-55591 Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability

CVE-2025-21333 Microsoft Windows Hyper-V NT Kernel Integration VSP Heap-based Buffer Overflow Vulnerability

CVE-2025-21334 Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability

CVE-2025-21335 Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability

CVE-2024-12686 BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) OS Command Injection Vulnerability

CVE-2023-48365 Qlik Sense HTTP Tunneling Vulnerability

CVE-2025-0282 Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability

Top CWE List

CWE-693 Protection Mechanism Failure

HighCWE-200 Exposure of Sensitive Information to an Unauthorized Actor

MediumCWE-352 Cross-Site Request Forgery (CSRF)

CWE-1426 Improper Validation of Generative AI Output

HighCWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-1053 Missing Documentation for Design

CWE-304 Missing Critical Step in Authentication

CWE-307 Improper Restriction of Excessive Authentication Attempts

HighCWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

HighCWE-116 Improper Encoding or Escaping of Output