CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Feb 14, 2025
High
CISA KEVRansomwareCVE-2025-23006
SonicWall—SMA1000 Appliances
SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) contain a deserialization of untrusted data vulnerability, which can enable a remote, unauthenticated attacker to execute arbitrary OS commands.
Required Action
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002 ; https://nvd.nist.gov/vuln/detail/CVE-2025-23006
Vulnerability Overview
- Severity
- High
- CISA KEV
- Yes
- Ransomware
- Known
- Published
- Jan 24, 2025
- KEV Added
- Jan 24, 2025
- Due Date
- Feb 14, 2025
- Related Articles
- 0
Vendor
SonicWall
SMA1000 Appliances