CVE-2025-23006: SonicWall SMA1000 Appliances Deserialization Vulnerability.

SonicWall SMA1000 Appliances Deserialization Vulnerability. SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) contain a deserialization of untrusted data vulnerability, which can enable a remote, unauthenticated attacker to execute arbitrary OS commands.

• CISA KEV-listed (remediation due 2025-02-14)
• used in ransomware campaigns
• EPSS 50.1% (97.9% percentile)

Browse the CVE database

Read the full analysis on IntelFusions