CVE-2025-23006
SonicWall SMA1000 Appliances Deserialization Vulnerability
SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) contain a deserialization of untrusted data vulnerability, which can enable a remote, unauthenticated attacker to execute arbitrary OS commands. Vendor/Product: SonicWall SMA1000 Appliances. Added to CISA KEV 2025-01-24; required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.