Threat actors are exploiting a zero-day vulnerability (CVE-2025-40602) in SonicWallโs SMA 1000 appliance management console for local privilege escalation. Organizations are urged to update to the latest versions or apply mitigations to prevent remote code execution and unauthorized access. #CVE-2025-40602 #SonicWallSMA1000
Keypoints
- The CVE-2025-40602 vulnerability affects SonicWallโs SMA 1000 appliances, allowing privilege escalation.
- Attackers exploited this zero-day in combination with CVE-2025-23006 to achieve remote code execution.
- SonicWall has released patches in versions 12.4.3-03245 and 12.5.0-02283 to address the flaw.
- The US CISA has added CVE-2025-40602 to its Known Exploited Vulnerabilities list, urging rapid patching.
- Organizations are advised to disable public internet access to the AMC and restrict SSH, applying updates immediately.
Read More: https://www.securityweek.com/sonicwall-patches-exploited-sma-1000-zero-day/