Full Report
The flaw has a severity rating of 9.8 out of 10, and a patch has been made available. Source: "SonicWall pushes urgent patch for its SMA appliance", CyberScoop.
Analysis Summary
# Vulnerability: Critical Command Execution Flaw in SonicWall SMA 1000 Series
## CVE Details
- CVE ID: CVE-2025-23006
- CVSS Score: 9.8 (Critical)
- CWE: Not explicitly mentioned, but context suggests OS Command Injection.
## Affected Systems
- Products: SonicWall Secure Mobile Access (SMA) 1000 series appliances
- Versions: Unspecified vulnerable versions; upgrade is necessary.
- Configurations: Affects the Appliance Management Console (AMC) and Central Management Console (CMC).
## Vulnerability Description
A critical security flaw exists in the SonicWall SMA 1000 series appliances which allows remote, unauthenticated attackers to execute arbitrary operating system commands. The vulnerability targets the Appliance Management Console (AMC) and Central Management Console (CMC).
## Exploitation
- Status: May have been exploited in the wild.
- Complexity: Likely Low, given the remote, unauthenticated nature and high CVSS score.
- Attack Vector: Network (Remote)
## Impact
- Confidentiality: High (Implied by arbitrary OS command execution)
- Integrity: High (Implied by arbitrary OS command execution)
- Availability: High (Implied by arbitrary OS command execution)
## Remediation
### Patches
- SonicWall has issued an urgent patch. Users must upgrade immediately to the patched software version. (The specific patched version number is not provided in the source text; consult the vendor advisory.)
### Workarounds
- Restrict access to the management consoles (AMC and CMC) as per SonicWall's security best practices.
- Note: SMA100 series and Firewall products are **not** affected.
## Detection
- Status: Potentially exploited; investigation is critical.
- Detection Methods: Organizations should monitor network traffic and system logs for signs of unauthorized command execution on SMA1000 appliances, especially related to management consoles (AMC/CMC). CERT-Bund advisories may contain further indicators.
## References
- Vendor Advisory: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002
- CERT-Bund Advisory (Sample Link Structure): hxxps://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2025/2025-213725-1032.pdf?__blob=publicationFile&v=2
- SonicWall Admin Guide Reference: hxxps://www.sonicwall.com/techdocs/pdf/sma_1000-12-4-admin_guide.pdf#page=653