SonicWall has rolled out fixes to deal with a safety flaw in Safe Cell Entry (SMA) 100 collection home equipment that it mentioned has been actively exploited within the wild.
The vulnerability, tracked as CVE-2025-40602 (CVSS rating: 6.6), issues a case of native privilege escalation that arises on account of inadequate authorization within the equipment administration console (AMC).
It impacts the next variations –
- 12.4.3-03093 (platform-hotfix) and earlier variations – Fastened in 12.4.3-03245 (platform-hotfix)
- 12.5.0-02002 (platform-hotfix) and earlier variations – Fastened in 12.5.0-02283 (platform-hotfix)
“This vulnerability was reported to be leveraged together with CVE-2025-23006 (CVSS rating 9.8) to realize unauthenticated distant code execution with root privileges,” SonicWall mentioned.
It is value noting that CVE-2025-23006 was patched by the corporate in late January 2025 in model 12.4.3-02854 (platform-hotfix).
Clément Lecigne and Zander Work of Google Risk Intelligence Group (GTIG) have been credited with discovering and reporting CVE-2025-40602. There are at the moment no particulars on the dimensions of the assaults and who’s behind the efforts.
Again in July, Google mentioned it is monitoring a cluster named UNC6148 that is concentrating on fully-patched end-of-life SonicWall SMA 100 collection units as a part of a marketing campaign designed to drop a backdoor known as OVERSTEP. It is at the moment not clear if these actions are associated.
In mild of energetic exploitation, it is important that SonicWall SMA 100 collection customers apply the fixes as quickly as doable.
Elevate your perspective with NextTech Information, the place innovation meets perception.
Uncover the most recent breakthroughs, get unique updates, and join with a world community of future-focused thinkers.
Unlock tomorrow’s tendencies at present: learn extra, subscribe to our e-newsletter, and turn into a part of the NextTech neighborhood at NextTech-news.com
