CVE-2025-23006

Vendor: SonicWall
Product: SMA1000
Weakness: CWE-502 · Unsafe deserialization
KEV Status: Known Exploited
Ransomware: Used in campaigns
Published: January 23, 2025
Last update: February 26, 2026

What the vulnerability does

01 Description

A pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which under specific conditions could enable a remote unauthenticated attacker to execute arbitrary OS commands.

CISA mandated remediation

02 CISA Required Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Key dates

03 Disclosure timeline

January 23, 2025: CVE published
February 26, 2026: Record updated
