KEVIntel
CVSS 9.8 Critical

CVE-2025-23006

PUBLISHED


Exploited in the wild · Used in malware · Remote · Low complexity · No user interaction
Vendor: SonicWall
Product: SMA1000
Published: Jan 23, 2025
EPSS

Description

A pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands.

cisa malware edge nessus_scanner

CVSS scores

CVSS v3.1 9.8 Critical

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitation status

Exploited in the wild

Recorded 2025-01-24 00:00:00 UTC · Source

Used in malware

Recorded 2026-06-02 14:08:22 UTC · Source

SSVC decision points

Exploitation: active
Automatable: Yes
Technical impact: total

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source  Added
CISA    Jan 24, 2025

Scanner integrations

Scanner  Reference                                      Detected
Nessus   https://www.tenable.com/plugins/nessus/214591  Jun 02, 2025

Timeline

  • CVE ID Reserved
  • CVE Published to Public
  • Added to KEVIntel
  • Detected by Nessus
  • Exploit Used in Malware