Description:
SonicWall has released a security update to address a vulnerability in SonicWall SMA1000 Products. A remote attacker could entice a user to open a web page with specially crafted content on a vulnerable browser to exploit the vulnerability.
Affected Systems:
- SonicWall SMA1000 versions prior to 12.4.3-03093 (platform-hotfix)
- SonicWall SMA1000 versions prior to 12.5.0-02002 (platform-hotfix)
For detailed information of the affected systems, please refer to the corresponding security advisory at vendor's website.
Impact:
Successful exploitation of the vulnerability could lead to elevation of privilege on an affected system.
Recommendation:
Patches for affected systems are now available. Administrators of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.
More Information:
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0019
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40602
