{“lastseen”:”2025-12-17T18:19:04″,”description”:”\\n\\nSonicWall has rolled out fixes to address a security flaw in Secure Mobile Access (SMA) 100 series appliances that it said has been actively exploited in the wild.\\n\\nThe vulnerability, tracked as **CVE-2025-40602** (CVSS score: 6.6), concerns a case of local privilege escalation that arises as a result of insufficient authorization in the appliance management console (AMC).\\n\\nIt affects the following versions -\\n\\n * 12.4.3-03093 (platform-hotfix) and earlier versions – Fixed in 12.4.3-03245 (platform-hotfix)\\n * 12.5.0-02002 (platform-hotfix) and earlier versions – Fixed in 12.5.0-02283 (platform-hotfix)\\n\\n\\n\\n\\n\\n\\”This vulnerability was reported to be leveraged in combination with CVE-2025-23006 (CVSS score 9.8) to achieve unauthenticated remote code execution with root privileges,\\” SonicWall said.\\n\\nIt’s worth noting that CVE-2025-23006 was patched by the company in late January 2025 in version 12.4.3-02854 (platform-hotfix).\\n\\nCl\u00e9ment Lecigne and Zander Work of Google Threat Intelligence Group (GTIG) have been credited with discovering and reporting CVE-2025-40602. There are currently no details on the scale of the attacks and who is behind the efforts.\\n\\nBack in July, Google said it’s tracking a cluster named UNC6148 that’s targeting fully-patched end-of-life SonicWall SMA 100 series devices as part of a campaign designed to drop a backdoor called OVERSTEP. It’s currently not clear if these activities are related.\\n\\nIn light of active exploitation, it’s essential that SonicWall SMA 100 series users apply the fixes as soon as possible. \\n\\nFound this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.\\n”,”published”:”2025-12-17T18:17:00″,”modified”:”2025-12-17T18:17:03″,”type”:”thn”,”title”:”SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances”,”source”:””,”references”:””,”id”:”THN:EC4DDB6342775C8BA88F59AF63018A1F”,”bulletinFamily”:”info”,”cwe”:null,”cvelist”:[“CVE-2025-23006″,”CVE-2025-40602″],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:9.8,”severity”:”CRITICAL”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/thehackernews.com\/2025\/12\/sonicwall-fixes-actively-exploited-cve.html”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2025-12-17T18:19:04″,”description”:”\\n\\nSonicWall has rolled out fixes to address a security flaw in Secure Mobile Access (SMA) 100 series appliances that it said has been actively exploited…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[9,6,8,35,12,13,7,11,43,5],"class_list":["post-31583","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-critical","tag-cve","tag-cvss","tag-cvss-98","tag-exploit","tag-news","tag-security","tag-tapic","tag-thn","tag-vulnerability"],"yoast_head":"\n