CVE-2025-23006: SonicWall SMA1000 Zero-Day RCE

Score: 9.8
CRITICAL
Published: 2025-01-22Affected: SonicWall SMA1000 < 12.4.3-02854CWE-502 β†—

Is SonicWall SMA1000 vulnerable?

A pre-authentication deserialization vulnerability in SonicWall SMA1000 series appliances. Unauthenticated remote attackers can execute arbitrary OS commands by sending crafted requests to the management interface.

Impact & Exploitation

Confirmed zero-day exploitation in the wild. SonicWall products are used by hundreds of thousands of organizations for remote access. CISA added to KEV catalog.

Related Resources

πŸ” Related CWE Entries

πŸ“‹ OWASP Top 10

πŸ“– Security Guides

πŸ›‘οΈ Notable Vulnerabilities

πŸ”— External References

Precogs Logo

Precogs Research

This vulnerability intelligence report was analyzed and enriched by the Precogs AI Security Team. Our researchers continuously monitor emerging threats across AI code, LLM pipelines, and binary architectures to ensure accurate real-time remediation guidance.

Base Score

CVSS9.8
SeverityCRITICAL
CWECWE-502
Published2025-01-22

Tags

vpnzero-daydeserializationfirmware

Quick Links

Is your system affected?

Precogs AI detects SonicWall SMA1000 Zero-Day RCE in compiled binaries and firmware β€” even without source code.

Request Deep Analysis

Is Your System Still Exposed to Critical CVEs?

Vulnerabilities like CVE-2025-23006 SonicWall SMA1000 Zero-Day RCE don’t just exist in source code β€” they persist in compiled binaries, containers, and embedded systems. Precogs AI detects vulnerable components across your entire stack β€” even when source code isn’t available.

Request Deep AnalysisBook a demo