vulnerability | International | The Hacker News
SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances
Wednesday, December 17, 2025
What
A local privilege escalation vulnerability in SonicWall SMA 100 series appliances has been exploited in the wild, allowing attackers to escalate privileges and potentially execute code remotely.
Where
SonicWall SMA 100 series appliances used globally by various organizations.
When
The vulnerability was reported on December 17, 2025, with active exploitation noted since its discovery. SonicWall released patches for the vulnerabilities in January 2025.
Key Factors
- CVE-2025-40602 has a CVSS score of 6.6 and is due to insufficient authorization in the appliance management console.
- The vulnerability can be exploited in combination with CVE-2025-23006, which has a CVSS score of 9.8, to achieve unauthenticated remote code execution.
- SonicWall has urged users to upgrade to the latest hotfix versions to mitigate the risks associated with these vulnerabilities.
Takeaways
- Organizations using SonicWall SMA 100 series appliances should prioritize applying the latest security patches.
- The incident highlights the importance of timely vulnerability management and patching in cybersecurity.
- Continuous monitoring for active exploitation of known vulnerabilities is essential for maintaining security.