CVE-2025-40599
CVSS Score
V3.1
Attack Vector Metrics
Impact Metrics
Description
An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution.
Available Exploits
Related News
SonicWall addressed a critical vulnerability, tracked as CVE-2025-40599 (CVSS score of 9.1), in SMA 100 appliances. Experts warn customers to ch…
SonicWall is asking customers running specific Secure Mobile Access (SMA) 100 Series devices to patch a newly uncovered vulnerability (CVE-2025-40599) as soon as possible. “While there is currently no evidence that this vulnerability is being actively exploit…
Affected Products
Affected Versions:
EU Vulnerability Database
Monitored by ENISA for EU cybersecurity
ENISA Analysis
An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution.
Affected Products (ENISA)
ENISA Scoring
CVSS Score (3.1)
EPSS Score
ENISA References
Data provided by ENISA EU Vulnerability Database. Last updated: July 25, 2025
GitHub Security Advisories
Community-driven vulnerability intelligence from GitHub
Advisory Details
CVSS Scoring
CVSS Score
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
References
Advisory provided by GitHub Security Advisory Database. Published: July 23, 2025, Modified: July 23, 2025
Social Media Intelligence
Real-time discussions and threat intelligence from social platforms
UPDATE ON COORDINATED ATTACK ON SONICWALL SSL VPN
Blackpoint Cyber’s Response Operations Center (BROC) has observed a marked escalation in threat activity [targeting SonicWall SSL VPN appliances](https://blackpointcyber.com/blog/blackpoint-threat-bulletin-sonicwall-firewall-appliances-targeted-by-threat-actors), with evidence suggesting coordinated efforts by multiple threat actors including the Akira Ransomware Group. Our BROC team just published a blog that outlines …
CVE-2025-40599: Exploitable Arbitrary File Upload Vulnerability in SMA 100 Series Web Management Interface
Critical RCE Flaws in Sophos and SonicWall Devices Demand Immediate Action
**Sophos and SonicWall have issued urgent patches for critical vulnerabilities that could allow remote code execution on their firewall and SMA 100 devices.**
**Key Points:**
- Sophos Firewall vulnerabilities CVE-2025-6704 and CVE-2025-7624 are rated CVSS 9.8, allowing potential pre-auth …
CVE-2025-40599 - Post-Authentication Arbitrary File Upload Vulnerability – SMA 100 Series
Another round for SMA100 series vulnerabilities. SonicWall PSIRT has confirmed a Post-Authentication Arbitrary File Upload Vulnerability affecting SMA 100 Series appliances, including SMA 210, 410, and 500v. This does not affect SMA 1000 Series or SSL-VPN running on …