The SonicWall SMA1000 Appliance Management Console is vulnerable to a bug that attackers exploit to gain administrator privileges. A patch is available.
Cybersecurity specialist SonicWall warns of a bug in its SMA1000 Appliance Management Console (AMC). Vulnerability CVE-2025-40602 is not critical in itself, but attackers combine it with another bug: CVE-2025-23006. The latter has been known since the beginning of this year and also affects the SMA1000 AMC.
Patch available
SonicWall already released a patch for the older bug, but not everyone has installed it. The new zero-day vulnerability increases the risk, so SonicWall is also providing a hotfix for it. It is available for SMA1000 AMC 12.4.3-03093 and 12.5.0-02002. These versions of the software, like older editions, are susceptible to abuse.
Currently, there are more than 950 SMA1000 devices visible worldwide via the public internet, although it is not clear how many of them have installed the patch. In the Benelux, there are approximately 32 devices that may pose a risk, the majority of which are in Belgium. As always, patching quickly is the best remedy to prevent abuse.
2025: the year of the SonicWall bugs
SonicWall is having a difficult year. In October, the company had to acknowledge a data breach. Following an incident, attackers made off with cloud backups of customer firewalls. In August, the company’s VPN was targeted via a new zero-day. In July, hackers were able to gain
