CVE-2025-23006 · CRITICAL 9.8 · CISA KEV · EPSS p97.4%

CVE-2025-23006: SonicWall SMA1000 Appliances Deserialization Vulnerability

SonicWall / SMA1000 Appliances

Description

SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) contain a deserialization of untrusted data vulnerability, which can enable a remote, unauthenticated attacker to execute arbitrary OS commands. Exploitation needs no credentials and no user interaction (see the CVSS vector below), so the practical exposure is any AMC or CMC management interface reachable from an untrusted network; the vendor advisory in the references is the authoritative source for affected and fixed versions.
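The record classifies the flaw as CWE-502. The following is an added illustration of that weakness class, written for this page; it is not SonicWall code and does not model the actual SMA1000 AMC/CMC code path, which the record does not describe. It uses Python's pickle as the stand-in serializer: a blob controlled by the remote peer selects which callable runs during deserialization, which is exactly how an unauthenticated network request turns into OS command execution. The class names, the constructed blobs and the `echo pwned` command are all assumptions made for the demo. The hardened form beside it allowlists the one type the service expects and aborts on anything else before any callable is resolved.

```python
"""CWE-502 demonstration: the same deserialization call, unguarded and guarded.

Added illustration for this CVE record, not SonicWall's code and not the
SMA1000 AMC/CMC code path (which the record does not describe).
"""
import io
import pickle
import subprocess
from dataclasses import dataclass


@dataclass
class SessionRecord:
    """The one legitimate object type the service expects to receive (assumed)."""
    user: str
    role: str


class _Payload:
    """Attacker-side helper, constructed for the demo: when unpickled, the object
    is 'rebuilt' by calling subprocess.check_output on an OS command, so the
    receiving side runs `echo pwned` merely by deserializing the bytes."""

    def __reduce__(self):
        return (subprocess.check_output, (["echo", "pwned"],))


# Constructed inputs: a benign blob and a malicious one. Both are plain bytes,
# which is all a network peer ever has to send. MALICIOUS_BLOB references
# subprocess.check_output by name; the receiver does not need class _Payload.
BENIGN_BLOB = pickle.dumps(SessionRecord(user="alice", role="admin"))
MALICIOUS_BLOB = pickle.dumps(_Payload())


def deserialize_unsafe(blob: bytes):
    """Vulnerable form: lets the blob decide which globals are resolved and called."""
    return pickle.loads(blob)


class _RestrictedUnpickler(pickle.Unpickler):
    """Hardened form: only (module, name) pairs on an explicit allowlist resolve.

    Primitive containers (dict, list, str, int, ...) are built from opcodes and
    never reach find_class, so they need no entry; every class or function
    reference does, and subprocess.check_output is not on the list.
    """

    ALLOWED = {(__name__, "SessionRecord")}

    def find_class(self, module, name):
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"forbidden global during unpickling: {module}.{name}")


def deserialize_safe(blob: bytes):
    """Safe form: an unlisted reference aborts before anything executes."""
    return _RestrictedUnpickler(io.BytesIO(blob)).load()


def accepts(blob: bytes) -> bool:
    """True if the hardened deserializer accepts the blob, False if it rejects it."""
    try:
        deserialize_safe(blob)
        return True
    except pickle.UnpicklingError:
        return False


if __name__ == "__main__":
    # Unguarded: the 'data' we received has executed a command before we even
    # get to inspect it; the return value is the command's stdout.
    print("unsafe path returned:", deserialize_unsafe(MALICIOUS_BLOB))
    # Guarded: the legitimate record round-trips, the payload is refused.
    print("safe path, benign  :", deserialize_safe(BENIGN_BLOB))
    print("safe path, payload :", "accepted" if accepts(MALICIOUS_BLOB) else "rejected")
```

The design point is that the fix is a positive allowlist enforced at the point where the deserializer resolves names, not a blocklist of known gadget classes and not input validation layered in front of an unchanged `loads`. The Java analogue of `find_class` is `ObjectInputFilter` (JEP 290, Java 9 and later), configured with an explicit allow pattern and a reject-all default. Appliances whose management consoles accept serialized objects from the network are exactly where such a filter, plus keeping the console off untrusted networks, matters most.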

Scoring

CVSS 3.1: 9.8 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS (as of 2026-06-18T12:00:27Z): 22.25% probability of exploitation · percentile 97.4%
Published: 2025-01-23
Last modified: 2025-10-31

CISA KEV entry

Added to KEV: 2025-01-24

Underlying weaknesses · 1

CWE-502: Deserialization of Untrusted Data

References

  1. https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002
  2. https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-23006

Relations · 1

Type      Target                                       Confidence  Tier
Weakness  Deserialization of Untrusted Data (cwe-502)  0%          live

Relations (incoming) · 1

Type      Target                                                                            Confidence  Tier
KEVEntry  SonicWall SMA1000 Appliances Deserialization Vulnerability (kev-cve-2025-23006)  0%          live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE · SonicWall SMA1000 Missing Authorization Vulnerability
CVE · SonicWall SMA100 Appliances OS Command Injection Vulnerability
CVE · SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability
CVE · Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability
CVE · SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability
CVE · CVE-2025-40553
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.