SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances

Published:

17 december 2025 om 18:17:00

Alert date:

17 december 2025 om 20:02:12

Source:

thehackernews.com

Network Infrastructure, Zero-Day Vulnerabilities

SonicWall has released fixes for CVE-2025-40602, a local privilege escalation vulnerability in Secure Mobile Access (SMA) 100 series appliances that is being actively exploited in the wild. The vulnerability has a CVSS score of 6.6 and stems from insufficient authorization in the appliance management console (AMC). This represents an active threat requiring immediate patching of affected SonicWall SMA 100 devices.

Technical details

CVE-2025-40602 is a local privilege escalation vulnerability with CVSS score 6.6 that arises from insufficient authorization in the appliance management console (AMC). The vulnerability was reported to be leveraged in combination with CVE-2025-23006 (CVSS score 9.8) to achieve unauthenticated remote code execution with root privileges.

Mitigation steps:

Apply fixes immediately. Update to version 12.4.3-03245 (platform-hotfix) for 12.4.x series or version 12.5.0-02283 (platform-hotfix) for 12.5.x series. CVE-2025-23006 was patched in version 12.4.3-02854 (platform-hotfix).

Affected products:

SonicWall Secure Mobile Access (SMA) 100 series appliances - versions 12.4.3-03093 (platform-hotfix) and earlier
SonicWall Secure Mobile Access (SMA) 100 series appliances - versions 12.5.0-02002 (platform-hotfix) and earlier