Latest SonicWall vulnerabilities: SMA100 Series #
SonicWall has issued an advisory for its SMA100 Series appliances.
- CVE-2025-32819 and has been rated high with a CVSS score of 8.8.
- CVE-2025-32820 and has been rated high with a CVSS score of 8.3.
- CVE-2025-32821 and has been rated medium with a CVSS score of 6.7.
What is the impact? #
When chained together, the vulnerabilities could allow a remote authenticated attacker to bypass system checks leading to potential remote code execution. It does not affect SonicWall Firewall or SMA 1000 series appliances.
Are updates or workarounds available? #
The vendor advises users to update to platform-hotfix (10.2.1.15-81sv or later) as soon as possible. The vendor also advises its customers to configure multifactor authentication (MFA) and enable WAF on the appliance.
How to find potentially vulnerable systems with runZero #
From the Service Inventory, use the following query to locate systems running potentially vulnerable firmware:
hw:"SonicWall SMA100" OR (_asset.protocol:http AND http.head.server:="SonicWALL SSL-VPN Web Server")
January 2025: SMA1000 Series #
SonicWall has issued an advisory for its SMA1000 Series appliances. The vendor reported that this vulnerability may be actively exploited in the wild.
This vulnerability has been designated CVE-2025-23006 and has been assigned a CVSS score of 9.8 (critical).
What is the impact? #
The vulnerability would allow for a remote unauthenticated attacker to execute arbitrary operating system commands. The vulnerability was discovered within the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC). It does not affect SonicWall Firewall or SMA 100 series appliances.
Are updates or workarounds available? #
The vendor advises users to update to platform-hotfix (12.4.3-02854 or later) as soon as possible. The vendor also advises its customers to follow the steps outlined in the Best Practices section of the SMA1000 Administration Guide. Access to the console should also be restricted to trusted networks.
How to find potentially vulnerable systems with runZero #
From the Service Inventory, use the following query to locate systems running potentially vulnerable firmware:
hw:"SonicWall SMA1000" OR _asset.protocol:http (last.html.title:="Appliance Management Console Login" OR last.html.title:="Central Management Console Login" OR http.head.server:="SMA/%" OR (favicon.ico.image.mmh3:"16866410" AND (last.html.title:"WorkPlace" OR html.title:"WorkPlace")))
September 2024: SonicOS and SSLVPN #
SonicWall disclosed a vulnerability that affects SonicOS management access and SSLVPN software on SonicWall Gen 5, Gen 6, in addition to Gen 7 devices running SonicOS version 7.0.1-5035 or earlier.
CVE-2024-40766 is rated critical with CVSS score of 9.3, and potentially allows for unauthorized resource access by an attacker.
What is the impact? #
Successful exploitation of this vulnerability potentially results in unauthorized resource access and in some cases could lead to a DoS after causing vulnerable devices to crash.
Are updates or workarounds available? #
SonicWall recommends restricting management access to trusted sources or disabling WAN management from the public Internet. Additionally, SonicWall has released updated firmware which is available for download from mysonicwall.com.
How to find potentially vulnerable systems with runZero #
From the Asset Inventory, use the following query to locate systems running potentially vulnerable software:
hw:"SonicWall"