SonicWall has issued a warning about a critical security vulnerability in the SMA1000 Appliance Management Console (AMC) that has been exploited in zero-day attacks. Users are urged to upgrade to the latest hotfix to mitigate the risk of remote code execution and privilege escalation. #SonicWall #CVE2025-40602 #ZeroDayExploits
Keypoints
- SonicWall reports a medium-severity privilege escalation flaw in SMA1000 appliances, reported by Google Threat Intelligence Group.
- This vulnerability has been exploited in combination with a pre-authentication flaw to execute arbitrary OS commands remotely.
- Over 950 SMA1000 devices are exposed online, with some likely unpatched against these zero-day attacks.
- The flaw does not affect SonicWallβs SSL-VPN or firewalls, only the SMA1000 platform.
- SonicWall has previously issued patches for related vulnerabilities and advised users to update their firmware regularly.