Search criteria
ⓘ
Use full-text search for keyword queries.
Combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by dates instead of relevance.
230 vulnerabilities by Sonicwall
CVE-2026-4116 (GCVE-0-2026-4116)
Vulnerability from cvelistv5 – Published: 2026-04-09 14:27 – Updated: 2026-04-09 14:27
VLAI?
Summary
Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication.
Severity ?
No CVSS data available.
CWE
- CWE-176 - Improper handling of unicode encoding
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
Date Public ?
2026-04-09 05:11
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Linux"
],
"product": "SMA1000",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "12.4.3-03245 (platform-hotfix) and earlier versions."
},
{
"status": "affected",
"version": "12.5.0-02283 (platform-hotfix) and earlier versions."
}
]
}
],
"datePublic": "2026-04-09T05:11:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication.\u003c/p\u003e"
}
],
"value": "Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-176",
"description": "CWE-176 Improper handling of unicode encoding",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-09T14:27:29.341Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0003"
}
],
"source": {
"advisory": "SNWLID-2026-0003",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2026-4116",
"datePublished": "2026-04-09T14:27:29.341Z",
"dateReserved": "2026-03-13T12:13:43.715Z",
"dateUpdated": "2026-04-09T14:27:29.341Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4114 (GCVE-0-2026-4114)
Vulnerability from cvelistv5 – Published: 2026-04-09 14:25 – Updated: 2026-04-10 03:56
VLAI?
Summary
Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authentication.
Severity ?
No CVSS data available.
CWE
- CWE-176 - Improper handling of unicode encoding
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
Date Public ?
2026-04-09 05:11
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4114",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-09T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-10T03:56:04.928Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Linux"
],
"product": "SMA1000",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "12.4.3-03245 (platform-hotfix) and earlier versions."
},
{
"status": "affected",
"version": "12.5.0-02283 (platform-hotfix) and earlier versions."
}
]
}
],
"datePublic": "2026-04-09T05:11:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authentication.\u003c/p\u003e"
}
],
"value": "Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-176",
"description": "CWE-176 Improper handling of unicode encoding",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-09T14:25:41.059Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0003"
}
],
"source": {
"advisory": "SNWLID-2026-0003",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2026-4114",
"datePublished": "2026-04-09T14:25:41.059Z",
"dateReserved": "2026-03-13T11:57:22.758Z",
"dateUpdated": "2026-04-10T03:56:04.928Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4113 (GCVE-0-2026-4113)
Vulnerability from cvelistv5 – Published: 2026-04-09 14:23 – Updated: 2026-04-09 14:23
VLAI?
Summary
An observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote attacker to enumerate SSL VPN user credentials.
Severity ?
No CVSS data available.
CWE
- CWE-204 - Observable response discrepancy
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
Date Public ?
2026-04-09 05:11
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Linux"
],
"product": "SMA1000",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "12.4.3-03245 (platform-hotfix) and earlier versions."
},
{
"status": "affected",
"version": "12.5.0-02283 (platform-hotfix) and earlier versions."
}
]
}
],
"datePublic": "2026-04-09T05:11:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote attacker to enumerate SSL VPN user credentials.\u003c/p\u003e"
}
],
"value": "An observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote attacker to enumerate SSL VPN user credentials."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-204",
"description": "CWE-204 Observable response discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-09T14:23:53.270Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0003"
}
],
"source": {
"advisory": "SNWLID-2026-0003",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2026-4113",
"datePublished": "2026-04-09T14:23:53.270Z",
"dateReserved": "2026-03-13T11:57:20.974Z",
"dateUpdated": "2026-04-09T14:23:53.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4112 (GCVE-0-2026-4112)
Vulnerability from cvelistv5 – Published: 2026-04-09 14:22 – Updated: 2026-04-10 03:56
VLAI?
Summary
Improper neutralization of special elements used in an SQL command (“SQL Injection”) in SonicWall SMA1000 series appliances allows a remote authenticated attacker with read-only administrator privileges to escalate privileges to primary administrator.
Severity ?
No CVSS data available.
CWE
- CWE-89 - Improper neutralization of special elements used in an SQL command ('SQL injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
Date Public ?
2026-04-09 05:11
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4112",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-09T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-10T03:56:03.540Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Linux"
],
"product": "SMA1000",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "12.4.3-03245 (platform-hotfix) and earlier versions."
},
{
"status": "affected",
"version": "12.5.0-02283 (platform-hotfix) and earlier versions."
}
]
}
],
"datePublic": "2026-04-09T05:11:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper neutralization of special elements used in an SQL command (\u201cSQL Injection\u201d) in SonicWall SMA1000 series appliances allows a remote authenticated attacker with read-only administrator privileges to escalate privileges to primary administrator."
}
],
"value": "Improper neutralization of special elements used in an SQL command (\u201cSQL Injection\u201d) in SonicWall SMA1000 series appliances allows a remote authenticated attacker with read-only administrator privileges to escalate privileges to primary administrator."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper neutralization of special elements used in an SQL command (\u0027SQL injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-09T14:22:21.018Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0003"
}
],
"source": {
"advisory": "SNWLID-2026-0003",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2026-4112",
"datePublished": "2026-04-09T14:22:21.018Z",
"dateReserved": "2026-03-13T11:57:18.440Z",
"dateUpdated": "2026-04-10T03:56:03.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3470 (GCVE-0-2026-3470)
Vulnerability from cvelistv5 – Published: 2026-03-31 20:19 – Updated: 2026-03-31 20:34
VLAI?
Summary
A vulnerability exists in the SonicWall Email Security appliance due to improper input sanitization that may lead to data corruption, allowing a remote authenticated attacker as admin user could exploit this issue by providing crafted input that corrupts application database.
Severity ?
CWE
- CWE-20 - Improper input validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | Email Security |
Affected:
10.0.34.8215 and earlier versions
Affected: 10.0.34.8223 and earlier versions |
Date Public ?
2026-03-31 06:00
Credits
Brian Mariani of DigitalCanion SA - www.digitalcanion.com
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-3470",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-31T20:34:11.598748Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T20:34:15.574Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Linux",
"Windows"
],
"product": "Email Security",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "10.0.34.8215 and earlier versions"
},
{
"status": "affected",
"version": "10.0.34.8223 and earlier versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Brian Mariani of DigitalCanion SA - www.digitalcanion.com"
}
],
"datePublic": "2026-03-31T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability exists in the SonicWall Email Security appliance due to improper input sanitization that may lead to data corruption, allowing a remote authenticated attacker as admin user could exploit this issue by providing crafted input that corrupts application database."
}
],
"value": "A vulnerability exists in the SonicWall Email Security appliance due to improper input sanitization that may lead to data corruption, allowing a remote authenticated attacker as admin user could exploit this issue by providing crafted input that corrupts application database."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T20:19:38.338Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0002"
}
],
"source": {
"advisory": "SNWLID-2026-0002",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2026-3470",
"datePublished": "2026-03-31T20:19:38.338Z",
"dateReserved": "2026-03-03T10:00:16.245Z",
"dateUpdated": "2026-03-31T20:34:15.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3469 (GCVE-0-2026-3469)
Vulnerability from cvelistv5 – Published: 2026-03-31 20:18 – Updated: 2026-03-31 20:34
VLAI?
Summary
A denial-of-service (DoS) vulnerability exists due to improper input validation in the SonicWall Email Security appliance, allowing a remote authenticated attacker as admin user to cause the application to become unresponsive.
Severity ?
CWE
- CWE-20 - Improper input validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | Email Security |
Affected:
10.0.34.8215 and earlier versions
Affected: 10.0.34.8223 and earlier versions |
Date Public ?
2026-03-31 06:00
Credits
Brian Mariani of DigitalCanion SA - www.digitalcanion.com
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-3469",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-31T20:34:36.717764Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T20:34:53.148Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Linux",
"Windows"
],
"product": "Email Security",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "10.0.34.8215 and earlier versions"
},
{
"status": "affected",
"version": "10.0.34.8223 and earlier versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Brian Mariani of DigitalCanion SA - www.digitalcanion.com"
}
],
"datePublic": "2026-03-31T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A denial-of-service (DoS) vulnerability exists due to improper input validation in the SonicWall Email Security appliance, allowing a remote authenticated attacker as admin user to cause the application to become unresponsive."
}
],
"value": "A denial-of-service (DoS) vulnerability exists due to improper input validation in the SonicWall Email Security appliance, allowing a remote authenticated attacker as admin user to cause the application to become unresponsive."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T20:18:32.521Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0002"
}
],
"source": {
"advisory": "SNWLID-2026-0002",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2026-3469",
"datePublished": "2026-03-31T20:18:32.521Z",
"dateReserved": "2026-03-03T09:59:59.495Z",
"dateUpdated": "2026-03-31T20:34:53.148Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3468 (GCVE-0-2026-3468)
Vulnerability from cvelistv5 – Published: 2026-03-31 20:17 – Updated: 2026-03-31 20:35
VLAI?
Summary
A stored Cross-Site Scripting (XSS) vulnerability has been identified in the SonicWall Email Security appliance due to improper neutralization of user-supplied input during web page generation, allowing a remote authenticated attacker as admin user to potentially execute arbitrary JavaScript code.
Severity ?
4.8 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | Email Security |
Affected:
10.0.34.8215 and earlier versions
Affected: 10.0.34.8223 and earlier versions |
Date Public ?
2026-03-31 06:00
Credits
Brian Mariani of DigitalCanion SA - www.digitalcanion.com
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-3468",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-31T20:35:08.592056Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T20:35:38.252Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Linux",
"Windows"
],
"product": "Email Security",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "10.0.34.8215 and earlier versions"
},
{
"status": "affected",
"version": "10.0.34.8223 and earlier versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Brian Mariani of DigitalCanion SA - www.digitalcanion.com"
}
],
"datePublic": "2026-03-31T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A stored Cross-Site Scripting (XSS) vulnerability has been identified in the SonicWall Email Security appliance due to improper neutralization of user-supplied input during web page generation, allowing a remote authenticated attacker as admin user to potentially execute arbitrary JavaScript code."
}
],
"value": "A stored Cross-Site Scripting (XSS) vulnerability has been identified in the SonicWall Email Security appliance due to improper neutralization of user-supplied input during web page generation, allowing a remote authenticated attacker as admin user to potentially execute arbitrary JavaScript code."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T20:17:11.236Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0002"
}
],
"source": {
"advisory": "SNWLID-2026-0002",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2026-3468",
"datePublished": "2026-03-31T20:17:11.236Z",
"dateReserved": "2026-03-03T09:59:57.366Z",
"dateUpdated": "2026-03-31T20:35:38.252Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3439 (GCVE-0-2026-3439)
Vulnerability from cvelistv5 – Published: 2026-03-04 09:19 – Updated: 2026-03-04 16:05
VLAI?
Summary
A post-authentication Stack-based Buffer Overflow vulnerability in SonicOS certificate handling allows a remote attacker to crash a firewall.
Severity ?
4.9 (Medium)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
Date Public ?
2026-03-04 09:07
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-3439",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-04T16:05:44.553615Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T16:05:54.854Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Linux",
"Gen7",
"Gen8"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5169 and older versions"
},
{
"status": "affected",
"version": "7.3.1-7013 and older versions"
},
{
"status": "affected",
"version": "8.1.0-8017 and older versions"
}
]
}
],
"datePublic": "2026-03-04T09:07:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA post-authentication Stack-based Buffer Overflow vulnerability in SonicOS certificate handling allows a remote attacker to crash a firewall.\u003c/span\u003e\n\n\n\n\u003c/span\u003e\n\n\u003c/span\u003e"
}
],
"value": "A post-authentication Stack-based Buffer Overflow vulnerability in SonicOS certificate handling allows a remote attacker to crash a firewall."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T09:19:45.392Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0001"
}
],
"source": {
"advisory": "SNWLID-2026-0001",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2026-3439",
"datePublished": "2026-03-04T09:19:45.392Z",
"dateReserved": "2026-03-02T13:59:15.773Z",
"dateUpdated": "2026-03-04T16:05:54.854Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-40602 (GCVE-0-2025-40602)
Vulnerability from cvelistv5 – Published: 2025-12-18 10:58 – Updated: 2025-12-18 11:32
VLAI?
Summary
A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC).
Severity ?
6.6 (Medium)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
Date Public ?
2025-12-18 04:51
Credits
Clément Lecigne and Zander Work of Google Threat Intelligence Group
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40602",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-18T11:31:20.912803Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-12-17",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-40602"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T11:32:37.662Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-40602"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Linux"
],
"product": "SMA1000",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "12.4.3-03093 (platform-hotfix) and earlier versions"
},
{
"status": "affected",
"version": "12.5.0-02002 (platform-hotfix) and earlier versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Cl\u00e9ment Lecigne and Zander Work of Google Threat Intelligence Group"
}
],
"datePublic": "2025-12-18T04:51:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC).\u003c/span\u003e"
}
],
"value": "A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC)."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T10:58:41.668Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0019"
}
],
"source": {
"advisory": "SNWLID-2025-0019",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2025-40602",
"datePublished": "2025-12-18T10:58:41.668Z",
"dateReserved": "2025-04-16T08:34:51.361Z",
"dateUpdated": "2025-12-18T11:32:37.662Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-40601 (GCVE-0-2025-40601)
Vulnerability from cvelistv5 – Published: 2025-11-20 12:26 – Updated: 2025-11-20 18:31
VLAI?
Summary
A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash.
Severity ?
7.5 (High)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
Date Public ?
2025-11-20 12:20
Credits
Saikiran Madugula of SonicWall
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40601",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-20T18:30:57.354762Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T18:31:18.802Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Linux"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.3.0-7012 and older versions"
},
{
"status": "affected",
"version": "8.0.2-8011 and older versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Saikiran Madugula of SonicWall"
}
],
"datePublic": "2025-11-20T12:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash.\u003c/span\u003e"
}
],
"value": "A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T12:26:54.465Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0016"
}
],
"source": {
"advisory": "SNWLID-2025-0016",
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2025-40601",
"datePublished": "2025-11-20T12:26:54.465Z",
"dateReserved": "2025-04-16T08:34:51.361Z",
"dateUpdated": "2025-11-20T18:31:18.802Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-40605 (GCVE-0-2025-40605)
Vulnerability from cvelistv5 – Published: 2025-11-20 12:19 – Updated: 2025-11-20 18:30
VLAI?
Summary
A Path Traversal vulnerability has been identified in the Email Security appliance allows an attacker to manipulate file system paths by injecting crafted directory-traversal sequences (such as ../) and may access files and directories outside the intended restricted path.
Severity ?
5.3 (Medium)
CWE
- CWE-23 - Relative Path Traversal
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | Email Security |
Affected:
10.0.33.8195 and earlier versions
|
Date Public ?
2025-11-20 12:10
Credits
Brian Mariani of DigitalCanion SA - www.digitalcanion.com
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40605",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-20T18:29:26.973240Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T18:30:31.164Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Linux",
"Windows"
],
"product": "Email Security",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "10.0.33.8195 and earlier versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Brian Mariani of DigitalCanion SA - www.digitalcanion.com"
}
],
"datePublic": "2025-11-20T12:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA Path Traversal vulnerability has been identified in the Email Security appliance allows an attacker to manipulate file system paths by injecting crafted directory-traversal sequences (such as ../) and may access files and directories outside the intended restricted path.\u003c/span\u003e\n\n\u003c/span\u003e"
}
],
"value": "A Path Traversal vulnerability has been identified in the Email Security appliance allows an attacker to manipulate file system paths by injecting crafted directory-traversal sequences (such as ../) and may access files and directories outside the intended restricted path."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23 Relative Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T12:19:17.871Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0018"
}
],
"source": {
"advisory": "SNWLID-2025-0018",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2025-40605",
"datePublished": "2025-11-20T12:19:17.871Z",
"dateReserved": "2025-04-16T08:34:59.662Z",
"dateUpdated": "2025-11-20T18:30:31.164Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-40604 (GCVE-0-2025-40604)
Vulnerability from cvelistv5 – Published: 2025-11-20 12:17 – Updated: 2026-02-26 16:07
VLAI?
Summary
Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore access to modify system files and gain persistent arbitrary code execution.
Severity ?
6.5 (Medium)
CWE
- CWE-494 - Download of Code Without Integrity Check
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | Email Security |
Affected:
10.0.33.8195 and earlier versions
|
Date Public ?
2025-11-20 11:56
Credits
Brian Mariani of DigitalCanion SA - www.digitalcanion.com
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40604",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-21T05:02:06.793237Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T16:07:45.738Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Linux",
"Windows"
],
"product": "Email Security",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "10.0.33.8195 and earlier versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Brian Mariani of DigitalCanion SA - www.digitalcanion.com"
}
],
"datePublic": "2025-11-20T11:56:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDownload of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore access to modify system files and gain persistent arbitrary code execution.\u003c/span\u003e"
}
],
"value": "Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore access to modify system files and gain persistent arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-494",
"description": "CWE-494 Download of Code Without Integrity Check",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T12:17:14.138Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0018"
}
],
"source": {
"advisory": "SNWLID-2025-0018",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2025-40604",
"datePublished": "2025-11-20T12:17:14.138Z",
"dateReserved": "2025-04-16T08:34:51.361Z",
"dateUpdated": "2026-02-26T16:07:45.738Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-40603 (GCVE-0-2025-40603)
Vulnerability from cvelistv5 – Published: 2025-10-31 11:01 – Updated: 2025-10-31 18:53
VLAI?
Summary
A potential exposure of sensitive information in log files in SonicWall SMA100 Series appliances may allow a remote, authenticated administrator, under certain conditions to view partial users credential data.
Severity ?
4.5 (Medium)
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
Date Public ?
2025-10-30 18:26
Credits
Niels Schuler of Data-Sec GmbH
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40603",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-31T18:53:31.784947Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-31T18:53:53.156Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Linux"
],
"product": "SMA100",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "10.2.2.2-92sv and earlier versions"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:sma100:10.2.2.2-92sv_and_earlier_versions:*:linux:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Niels Schuler of Data-Sec GmbH"
}
],
"datePublic": "2025-10-30T18:26:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA potential exposure of sensitive information in log files in SonicWall SMA100 Series appliances may allow a remote, authenticated administrator, under certain conditions to view partial users credential data.\u003c/span\u003e"
}
],
"value": "A potential exposure of sensitive information in log files in SonicWall SMA100 Series appliances may allow a remote, authenticated administrator, under certain conditions to view partial users credential data."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-31T11:01:35.618Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0017"
}
],
"source": {
"advisory": "SNWLID-2025-0017",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2025-40603",
"datePublished": "2025-10-31T11:01:35.618Z",
"dateReserved": "2025-04-16T08:34:51.361Z",
"dateUpdated": "2025-10-31T18:53:53.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-40600 (GCVE-0-2025-40600)
Vulnerability from cvelistv5 – Published: 2025-07-29 21:11 – Updated: 2025-07-30 15:07
VLAI?
Summary
Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption.
Severity ?
9.8 (Critical)
CWE
- CWE-134 - Use of Externally-Controlled Format String
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Date Public ?
2025-07-29 09:04
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40600",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-30T13:32:27.290793Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T15:07:47.649Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Gen7",
"Linux"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.2.0-7015 and older versions"
}
]
}
],
"datePublic": "2025-07-29T09:04:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eUse of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption.\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-134",
"description": "CWE-134 Use of Externally-Controlled Format String",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-29T21:11:59.174Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0013"
}
],
"source": {
"advisory": "SNWLID-2025-0013",
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2025-40600",
"datePublished": "2025-07-29T21:11:59.174Z",
"dateReserved": "2025-04-16T08:34:51.361Z",
"dateUpdated": "2025-07-30T15:07:47.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-40598 (GCVE-0-2025-40598)
Vulnerability from cvelistv5 – Published: 2025-07-23 14:49 – Updated: 2025-07-29 13:24
VLAI?
Summary
A Reflected cross-site scripting (XSS) vulnerability exists in the SMA100 series web interface, allowing a remote unauthenticated attacker to potentially execute arbitrary JavaScript code.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SMA 100 Series |
Affected:
10.2.1.15-81sv and earlier versions
|
Date Public ?
2025-07-23 14:45
Credits
Sina Kheirkhah
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40598",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-29T13:23:53.835568Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-29T13:24:17.161Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://labs.watchtowr.com/stack-overflows-heap-overflows-and-existential-dread-sonicwall-sma100-cve-2025-40596-cve-2025-40597-and-cve-2025-40598/"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Linux"
],
"product": "SMA 100 Series",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "10.2.1.15-81sv and earlier versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sina Kheirkhah"
}
],
"datePublic": "2025-07-23T14:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA Reflected cross-site scripting (XSS) vulnerability exists in the SMA100 series web interface, allowing a remote unauthenticated attacker to potentially execute arbitrary JavaScript code.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e"
}
],
"value": "A Reflected cross-site scripting (XSS) vulnerability exists in the SMA100 series web interface, allowing a remote unauthenticated attacker to potentially execute arbitrary JavaScript code."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-23T14:49:48.805Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0012"
}
],
"source": {
"advisory": "SNWLID-2025-0012",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2025-40598",
"datePublished": "2025-07-23T14:49:48.805Z",
"dateReserved": "2025-04-16T08:34:51.361Z",
"dateUpdated": "2025-07-29T13:24:17.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-40597 (GCVE-0-2025-40597)
Vulnerability from cvelistv5 – Published: 2025-07-23 14:48 – Updated: 2026-02-26 17:50
VLAI?
Summary
A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution.
Severity ?
7.5 (High)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SMA 100 Series |
Affected:
10.2.1.15-81sv and earlier versions
|
Date Public ?
2025-07-23 14:45
Credits
Sina Kheirkhah
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40597",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T03:55:22.115090Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:50:16.718Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Linux"
],
"product": "SMA 100 Series",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "10.2.1.15-81sv and earlier versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sina Kheirkhah"
}
],
"datePublic": "2025-07-23T14:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution.\u003c/span\u003e\n\n\u003c/span\u003e"
}
],
"value": "A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-23T14:48:36.604Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0012"
}
],
"source": {
"advisory": "SNWLID-2025-0012",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2025-40597",
"datePublished": "2025-07-23T14:48:36.604Z",
"dateReserved": "2025-04-16T08:34:51.361Z",
"dateUpdated": "2026-02-26T17:50:16.718Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-40596 (GCVE-0-2025-40596)
Vulnerability from cvelistv5 – Published: 2025-07-23 14:46 – Updated: 2026-02-26 17:50
VLAI?
Summary
A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution.
Severity ?
7.3 (High)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SMA 100 Series |
Affected:
10.2.1.15-81sv and earlier versions
|
Date Public ?
2025-07-23 14:39
Credits
Sina Kheirkhah
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40596",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T03:55:20.889053Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:50:16.924Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Linux"
],
"product": "SMA 100 Series",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "10.2.1.15-81sv and earlier versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sina Kheirkhah"
}
],
"datePublic": "2025-07-23T14:39:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution.\u003c/span\u003e"
}
],
"value": "A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-23T14:46:24.199Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0012"
}
],
"source": {
"advisory": "SNWLID-2025-0012",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2025-40596",
"datePublished": "2025-07-23T14:46:24.199Z",
"dateReserved": "2025-04-16T08:34:51.361Z",
"dateUpdated": "2026-02-26T17:50:16.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-40599 (GCVE-0-2025-40599)
Vulnerability from cvelistv5 – Published: 2025-07-23 13:13 – Updated: 2025-07-25 03:55
VLAI?
Summary
An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution.
Severity ?
9.1 (Critical)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SMA 100 Series |
Affected:
10.2.1.15-81sv and earlier versions
|
Date Public ?
2025-07-23 13:07
Credits
Dawid Skomski of SonicWall PSIRT
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40599",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-24T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T03:55:18.989Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Linux"
],
"product": "SMA 100 Series",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "10.2.1.15-81sv and earlier versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dawid Skomski of SonicWall PSIRT"
}
],
"datePublic": "2025-07-23T13:07:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution.\u003c/span\u003e"
}
],
"value": "An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-23T13:13:45.791Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0014"
}
],
"source": {
"advisory": "SNWLID-2025-0014",
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2025-40599",
"datePublished": "2025-07-23T13:13:45.791Z",
"dateReserved": "2025-04-16T08:34:51.361Z",
"dateUpdated": "2025-07-25T03:55:18.989Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-40595 (GCVE-0-2025-40595)
Vulnerability from cvelistv5 – Published: 2025-05-14 16:35 – Updated: 2025-05-14 20:07
VLAI?
Summary
A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. By using an encoded URL, a remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location.
Severity ?
7.2 (High)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
Date Public ?
2025-05-14 09:42
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40595",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-14T19:01:10.492194Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-14T20:07:03.183Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Linux"
],
"product": "SMA1000",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "12.4.3-02925 (platform-hotfix) and earlier versions"
}
]
}
],
"datePublic": "2025-05-14T09:42:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. By using an encoded URL, a remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location.\u003c/span\u003e"
}
],
"value": "A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. By using an encoded URL, a remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-14T16:35:54.647Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0010"
}
],
"source": {
"advisory": "SNWLID-2025-0010",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2025-40595",
"datePublished": "2025-05-14T16:35:54.647Z",
"dateReserved": "2025-04-16T08:34:51.361Z",
"dateUpdated": "2025-05-14T20:07:03.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-32821 (GCVE-0-2025-32821)
Vulnerability from cvelistv5 – Published: 2025-05-07 17:22 – Updated: 2026-02-26 18:28
VLAI?
Summary
A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell command arguments to upload a file on the appliance.
Severity ?
7.1 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
Date Public ?
2025-05-07 17:19
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-32821",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T03:56:17.963567Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T18:28:49.061Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Linux"
],
"product": "SMA100",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "10.2.1.14-75sv and earlier versions"
}
]
}
],
"datePublic": "2025-05-07T17:19:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell command arguments to upload a file on the appliance.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e"
}
],
"value": "A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell command arguments to upload a file on the appliance."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T17:22:14.812Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0011"
}
],
"source": {
"advisory": "SNWLID-2025-0011",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2025-32821",
"datePublished": "2025-05-07T17:22:14.812Z",
"dateReserved": "2025-04-11T08:50:31.683Z",
"dateUpdated": "2026-02-26T18:28:49.061Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-32820 (GCVE-0-2025-32820)
Vulnerability from cvelistv5 – Published: 2025-05-07 17:20 – Updated: 2025-05-07 18:53
VLAI?
Summary
A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges can inject a path traversal sequence to make any directory on the SMA appliance writable.
Severity ?
8.3 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
Date Public ?
2025-05-07 17:16
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-32820",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-07T17:29:05.535867Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T18:53:33.086Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Linux"
],
"product": "SMA100",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "10.2.1.14-75sv and earlier versions"
}
]
}
],
"datePublic": "2025-05-07T17:16:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges can inject a path traversal sequence to make any directory on the SMA appliance writable.\u003c/span\u003e\n\n\u003c/span\u003e"
}
],
"value": "A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges can inject a path traversal sequence to make any directory on the SMA appliance writable."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T17:20:10.699Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0011"
}
],
"source": {
"advisory": "SNWLID-2025-0011",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2025-32820",
"datePublished": "2025-05-07T17:20:10.699Z",
"dateReserved": "2025-04-11T08:50:31.683Z",
"dateUpdated": "2025-05-07T18:53:33.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-32819 (GCVE-0-2025-32819)
Vulnerability from cvelistv5 – Published: 2025-05-07 17:18 – Updated: 2026-02-26 18:28
VLAI?
Summary
A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings.
Severity ?
8.8 (High)
CWE
- CWE-552 - Files or Directories Accessible to External Parties
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
Date Public ?
2025-05-07 17:13
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-32819",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-19T03:55:11.900555Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T18:28:50.031Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"url": "https://old.rapid7.com/blog/post/2025/05/07/multiple-vulnerabilities-in-sonicwall-sma-100-series-2025/"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Linux"
],
"product": "SMA100",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "10.2.1.14-75sv and earlier versions"
}
]
}
],
"datePublic": "2025-05-07T17:13:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings.\u003c/span\u003e"
}
],
"value": "A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T17:18:23.274Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0011"
}
],
"source": {
"advisory": "SNWLID-2025-0011",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2025-32819",
"datePublished": "2025-05-07T17:18:23.274Z",
"dateReserved": "2025-04-11T08:50:31.683Z",
"dateUpdated": "2026-02-26T18:28:50.031Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-2170 (GCVE-0-2025-2170)
Vulnerability from cvelistv5 – Published: 2025-04-30 18:46 – Updated: 2025-05-14 16:34
VLAI?
Summary
A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface, which in specific conditions could potentially enable a remote unauthenticated attacker to cause the appliance to make requests to an unintended location.
Severity ?
7.2 (High)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
Date Public ?
2025-04-30 07:42
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-04-30T20:03:18.901Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0008"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-2170",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-01T13:19:54.321620Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-01T13:20:07.751Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Linux"
],
"product": "SMA1000",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "12.4.3-02907 (platform-hotfix) and earlier versions"
}
]
}
],
"datePublic": "2025-04-30T07:42:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface, which in specific conditions could potentially enable a remote unauthenticated attacker to cause the appliance to make requests to an unintended location."
}
],
"value": "A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface, which in specific conditions could potentially enable a remote unauthenticated attacker to cause the appliance to make requests to an unintended location."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-14T16:34:26.710Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0008"
}
],
"source": {
"advisory": "SNWLID-2025-0008",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2025-2170",
"datePublished": "2025-04-30T18:46:34.939Z",
"dateReserved": "2025-03-10T14:56:38.795Z",
"dateUpdated": "2025-05-14T16:34:26.710Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-32818 (GCVE-0-2025-32818)
Vulnerability from cvelistv5 – Published: 2025-04-23 19:24 – Updated: 2025-04-23 19:56
VLAI?
Summary
A Null Pointer Dereference vulnerability in the SonicOS SSLVPN Virtual office interface allows a remote, unauthenticated attacker to crash the firewall, potentially leading to a Denial-of-Service (DoS) condition.
Severity ?
7.5 (High)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
Date Public ?
2025-04-23 19:16
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-32818",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T19:55:23.734741Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T19:56:30.725Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"GEN7",
"GEN8"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"lessThanOrEqual": "7.1.3-7015",
"status": "affected",
"version": "7.1.1-7040",
"versionType": "custom"
},
{
"status": "affected",
"version": "8.0.0-8037 and earlier versions"
}
]
}
],
"datePublic": "2025-04-23T19:16:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA Null Pointer Dereference vulnerability in the SonicOS SSLVPN Virtual office interface allows a remote, unauthenticated attacker to crash the firewall, potentially leading to a Denial-of-Service (DoS) condition.\u003c/span\u003e"
}
],
"value": "A Null Pointer Dereference vulnerability in the SonicOS SSLVPN Virtual office interface allows a remote, unauthenticated attacker to crash the firewall, potentially leading to a Denial-of-Service (DoS) condition."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T19:24:53.043Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0009"
}
],
"source": {
"advisory": "SNWLID-2025-0009",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2025-32818",
"datePublished": "2025-04-23T19:24:53.043Z",
"dateReserved": "2025-04-11T08:50:31.683Z",
"dateUpdated": "2025-04-23T19:56:30.725Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-32817 (GCVE-0-2025-32817)
Vulnerability from cvelistv5 – Published: 2025-04-16 19:10 – Updated: 2025-04-17 15:55
VLAI?
Summary
A Improper Link Resolution vulnerability (CWE-59) in the SonicWall Connect Tunnel Windows (32 and 64 bit) client, this results in unauthorized file overwrite, potentially leading to denial of service or file corruption.
Severity ?
6.1 (Medium)
CWE
- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | Connect Tunnel |
Affected:
12.4.3.283 and earlier versions
|
Date Public ?
2025-04-16 07:04
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-32817",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T20:13:03.098353Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-17T15:55:27.433Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Windows",
"64 bit",
"32 bit"
],
"product": "Connect Tunnel",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "12.4.3.283 and earlier versions"
}
]
}
],
"datePublic": "2025-04-16T07:04:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Improper Link Resolution vulnerability (CWE-59) in the SonicWall Connect Tunnel Windows (32 and 64 bit) client, this results in unauthorized file overwrite, potentially leading to denial of service or file corruption."
}
],
"value": "A Improper Link Resolution vulnerability (CWE-59) in the SonicWall Connect Tunnel Windows (32 and 64 bit) client, this results in unauthorized file overwrite, potentially leading to denial of service or file corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T19:10:57.562Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0007"
}
],
"source": {
"advisory": "SNWLID-2025-0007",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2025-32817",
"datePublished": "2025-04-16T19:10:57.562Z",
"dateReserved": "2025-04-11T08:50:31.682Z",
"dateUpdated": "2025-04-17T15:55:27.433Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-23010 (GCVE-0-2025-23010)
Vulnerability from cvelistv5 – Published: 2025-04-10 18:57 – Updated: 2025-04-17 15:56
VLAI?
Summary
An Improper Link Resolution Before File Access ('Link Following') vulnerability in SonicWall NetExtender Windows (32 and 64 bit) client which allows an attacker to manipulate file paths.
Severity ?
7.2 (High)
CWE
- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | NetExtender |
Affected:
10.3.1 and earlier versions
|
Date Public ?
2025-04-09 18:53
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-23010",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-17T15:56:17.168941Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-17T15:56:20.519Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Windows",
"64 bit",
"32 bit"
],
"product": "NetExtender",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "10.3.1 and earlier versions"
}
]
}
],
"datePublic": "2025-04-09T18:53:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn Improper Link Resolution Before File Access (\u0027Link Following\u0027) vulnerability in SonicWall NetExtender Windows (32 and 64 bit) client which allows an attacker to manipulate file paths.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e"
}
],
"value": "An Improper Link Resolution Before File Access (\u0027Link Following\u0027) vulnerability in SonicWall NetExtender Windows (32 and 64 bit) client which allows an attacker to manipulate file paths."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-10T18:57:59.176Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0006"
}
],
"source": {
"advisory": "SNWLID-2025-0006",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2025-23010",
"datePublished": "2025-04-10T18:57:59.176Z",
"dateReserved": "2025-01-09T09:08:55.360Z",
"dateUpdated": "2025-04-17T15:56:20.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-23009 (GCVE-0-2025-23009)
Vulnerability from cvelistv5 – Published: 2025-04-10 18:55 – Updated: 2025-04-17 15:57
VLAI?
Summary
A local privilege escalation vulnerability in SonicWall NetExtender Windows (32 and 64 bit) client which allows an attacker to trigger an arbitrary file deletion.
Severity ?
7.2 (High)
CWE
- CWE-250 - Execution with Unnecessary Privileges
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | NetExtender |
Affected:
10.3.1 and earlier versions
|
Date Public ?
2025-04-09 18:50
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-23009",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-17T15:57:09.040040Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-17T15:57:11.699Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Windows",
"64 bit",
"32 bit"
],
"product": "NetExtender",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "10.3.1 and earlier versions"
}
]
}
],
"datePublic": "2025-04-09T18:50:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA local privilege escalation vulnerability in SonicWall NetExtender Windows (32 and 64 bit) client which allows an attacker to trigger an arbitrary file deletion.\u003c/span\u003e\n\n\u003c/span\u003e"
}
],
"value": "A local privilege escalation vulnerability in SonicWall NetExtender Windows (32 and 64 bit) client which allows an attacker to trigger an arbitrary file deletion."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-10T18:55:52.641Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0006"
}
],
"source": {
"advisory": "SNWLID-2025-0006",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2025-23009",
"datePublished": "2025-04-10T18:55:52.641Z",
"dateReserved": "2025-01-09T09:08:55.360Z",
"dateUpdated": "2025-04-17T15:57:11.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-23008 (GCVE-0-2025-23008)
Vulnerability from cvelistv5 – Published: 2025-04-10 18:55 – Updated: 2025-04-10 19:13
VLAI?
Summary
An improper privilege management vulnerability in the SonicWall NetExtender Windows (32 and 64 bit) client allows a low privileged attacker to modify configurations.
Severity ?
7.2 (High)
CWE
- CWE-250 - Execution with Unnecessary Privileges
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | NetExtender |
Affected:
10.3.1 and earlier versions
|
Date Public ?
2025-04-09 18:50
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-23008",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-10T19:13:21.211046Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-10T19:13:49.010Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Windows",
"64 bit",
"32 bit"
],
"product": "NetExtender",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "10.3.1 and earlier versions"
}
]
}
],
"datePublic": "2025-04-09T18:50:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper privilege management vulnerability in the SonicWall NetExtender Windows (32 and 64 bit) client allows a low privileged attacker to modify configurations.\u003c/span\u003e"
}
],
"value": "An improper privilege management vulnerability in the SonicWall NetExtender Windows (32 and 64 bit) client allows a low privileged attacker to modify configurations."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-10T18:55:06.669Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0006"
}
],
"source": {
"advisory": "SNWLID-2025-0006",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2025-23008",
"datePublished": "2025-04-10T18:55:06.669Z",
"dateReserved": "2025-01-09T09:08:55.360Z",
"dateUpdated": "2025-04-10T19:13:49.010Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-23007 (GCVE-0-2025-23007)
Vulnerability from cvelistv5 – Published: 2025-01-30 09:44 – Updated: 2025-04-17 15:58
VLAI?
Summary
A vulnerability in the NetExtender Windows client log export function allows unauthorized access to sensitive Windows system files, potentially leading to privilege escalation.
Severity ?
5.5 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | NetExtender |
Affected:
10.3.0
|
Date Public ?
2025-01-30 02:37
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-23007",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T13:45:51.017556Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-17T15:58:18.543Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Windows",
"64 bit",
"32 bit"
],
"product": "NetExtender",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "10.3.0"
}
]
}
],
"datePublic": "2025-01-30T02:37:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA vulnerability in the NetExtender Windows client log export function allows unauthorized access to sensitive Windows system files, potentially leading to privilege escalation.\u003c/span\u003e"
}
],
"value": "A vulnerability in the NetExtender Windows client log export function allows unauthorized access to sensitive Windows system files, potentially leading to privilege escalation."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-24T20:34:22.070Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0005"
}
],
"source": {
"advisory": "SNWLID-2025-0005",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2025-23007",
"datePublished": "2025-01-30T09:44:17.800Z",
"dateReserved": "2025-01-09T09:08:55.360Z",
"dateUpdated": "2025-04-17T15:58:18.543Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-23006 (GCVE-0-2025-23006)
Vulnerability from cvelistv5 – Published: 2025-01-23 11:37 – Updated: 2026-02-26 19:08
VLAI?
Summary
Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands.
Severity ?
9.8 (Critical)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
Date Public ?
2025-01-22 16:22
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-23006",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-12T04:55:44.976003Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-01-24",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-23006"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T19:08:57.752Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-23006"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-01-24T00:00:00.000Z",
"value": "CVE-2025-23006 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Linux"
],
"product": "SMA1000",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "12.4.3-02804 (platform-hotfix) and earlier versions."
}
]
}
],
"datePublic": "2025-01-22T16:22:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ePre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands.\u003c/span\u003e"
}
],
"value": "Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-23T11:37:41.148Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002"
}
],
"source": {
"advisory": "SNWLID-2025-0002",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2025-23006",
"datePublished": "2025-01-23T11:37:41.148Z",
"dateReserved": "2025-01-09T09:08:55.359Z",
"dateUpdated": "2026-02-26T19:08:57.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}