Loading HuntDB...

SonicWall SMA1000 Appliances Deserialization Vulnerability

Added Jan. 24, 2025 Due Feb. 14, 2025 CVE-2025-23006
Overdue SonicWall / SMA1000 Appliances CWE-502

Description

SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) contain a deserialization of untrusted data vulnerability, which can enable a remote, unauthenticated attacker to execute arbitrary OS commands.

Required Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

References

Additional Information

Catalog Version
2025.01.24
Catalog Released
Jan. 24, 2025
Days Until Due
0 days
Last Updated
6 months, 3 weeks ago