ByteOS Network

sra_ex9000

Source -

NVD

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

1Vulnerabilities found

CVE-2025-23006

Assigner-SonicWall, Inc.

View Details

Assigner-SonicWall, Inc.

CVSS Score-9.8||CRITICAL

EPSS-38.65% / 97.14%

7 Day CHG+4.63%

Published-23 Jan, 2025 | 11:37

Updated-31 Oct, 2025 | 15:56

Known KEV||Action Due Date - 2025-02-14||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands.

Vendor-SonicWall Inc.

Product-sra_ex7000 sma7210 sma6210 sra_ex7000_firmware sma7210_firmware sma6200_firmware sma7200_firmware sma7200 sra_ex6000_firmware sra_ex9000_firmware sra_ex9000 sma8200v sma6210_firmware sma6200 sra_ex6000 SMA1000 SMA1000 Appliances

CWE ID-CWE-502

Deserialization of Untrusted Data