SonicWall: “Hackers exploit new zero-day bug to break into networks”

Sonicwall

According to cybersecurity company SonicWall, hackers are exploiting a new vulnerability in one of their devices. That vulnerability allows them to break into customers’ corporate networks.

US cybersecurity company SonicWall reported in an update that a vulnerability was recently discovered in one of their enterprise devices.

Malware

At issue is the SMA1000 device, which allows customers to remotely log in to their corporate network, and thus gain remote access to that network. The vulnerability allows hackers to install malware on those devices without being logged into the system.

The zero-day bug (CVE-2025-23006) was discovered last week by Microsoft and shared with SonicWall. Meanwhile, more than 1,000 devices have reportedly already been infected with malware, Bleeping Computer knows. Thus, many companies that do not have the latest security updates are at risk of attacks. On its support page , SonicWall advises companies to update firmware to the latest new version.

read also

How to leverage AI for better cybersecurity

Cybersecurity devices such as firewalls or VPN products are popular targets for hackers. They often contain bugs that compromise security features, which then make it very easy to penetrate the network.

Last year, two vulnerabilities were discovered at SonicWall, putting more than 178,000 firewalls and more than 25,000 VPN firewalls, respectively, at high risk of cyber attacks. Even then it was recommended to download and install the latest firmware, which almost always resolves the vulnerabilities.