skip navigation
Manchester Digital
skip mega-menu

Quick Links

Get Involved
What We Do Join the Community Our Newsletter #MDTechCommunity Slack Channel Industry Events Partner Opportunities
Support
Research and Insights Manifesto for the Northern Tech Economy Startup Support Sectors Relocate Member Offers
Programmes
Apprenticeships Digital Her Startup Activator Skills Festival Sector Insights Training

Who We Are

The Team
The Board

About

News

Events

Directory

Jobs

Join

Programmes

Startups

Apprenticeships

Get in Touch

Posts
Add Post

Security Bulletin: Actively Exploited Vulnerability in SonicWall

#cybersecurity #Cyber #cyber #cyber security
View Profile
View More Posts
On January 22, 2025, SonicWall published a security advisory detailing an actively exploited remote command execution vulnerability in SMA1000 appliances. The critical-severity vulnerability, CVE-2025-23006, is a pre-authentication deserialization of untrusted data vulnerability that has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC). If exploited, it could allow unauthenticated remote threat actors to execute arbitrary OS commands. Arctic Wolf has not observed any publicly available proof of concept (PoC) exploits for this vulnerability.


Arctic Wolf strongly recommends that customers upgrade to the latest fixed version. 

Product

Affected Version

Fixed Version

SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC)

Version 12.4.3-02804 and earlier

Version 12.4.3-02854

Impacted Models: SMA6200, SMA6210, SMA7200, SMA7210, SMA8200v (ESX, KVM, Hyper-V, AWS, Azure), EX6000, EX7000, EX9000

Note: SonicWall Firewall and SMA 100 (SMA200, 210, 400, 410, and 500v) products are not affected by this vulnerability. 

Please follow your organization's patching and testing guidelines to minimize potential operational impact.

Related Posts

Add Post View All
Posted by UKFast
UKFast Adds to C-Suite with CMO Appointment
Posted by Woodhurst Consulting
Getting the whole picture
Posted by iomart Group plc
iomart helps Manchester employment law consultancy Peninsula move to the cloud
Posted by Cyber Security Partners
CSP Announce Associate Sponsorship
Posted by Datacentreplus
Most Common Cyber Security Threats & Prevention in 2020
Posted by Cyber Security Partners
Why You Shouldn't Use 2FA on Older Smartphones
Posted by Cyber Security Partners
Remote Working - Keep Your Data Secure!
Posted by The North West Cyber Resilience Centre
Online Advice for Businesses in Response to the Covid-19 Outbreak
Posted by The North West Cyber Resilience Centre
Cyber Resilience Centre: Free Membership Offer in Response to COVID-19
Posted by Informed Solutions
Informed Solutions Appointed to Ofgem Digital Services Dynamic Purchasing System

Subscribe to our newsletter

Sign up here