{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-02T04:03:16.869","vulnerabilities":[{"cve":{"id":"CVE-2025-23006","sourceIdentifier":"PSIRT@sonicwall.com","published":"2025-01-23T12:15:28.523","lastModified":"2025-10-31T15:56:18.303","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands."},{"lang":"es","value":"Se ha identificado una vulnerabilidad de deserialización de datos no confiables antes de la autenticación en SMA1000 Appliance Management Console (AMC) y Central Management Console (CMC), que en condiciones específicas podría permitir que un atacante remoto no autenticado ejecute comandos arbitrarios del sistema operativo."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"cisaExploitAdd":"2025-01-24","cisaActionDue":"2025-02-14","cisaRequiredAction":"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.","cisaVulnerabilityName":"SonicWall SMA1000 Appliances Deserialization Vulnerability","weaknesses":[{"source":"PSIRT@sonicwall.com","type":"Secondary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sonicwall:sma8200v:*:*:*:*:*:*:*:*","versionEndExcluding":"12.4.3-02854","matchCriteriaId":"5F558E7D-E784-406B-B290-3A969DE5DB93"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:sma6200_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"12.4.3-02854","matchCriteriaId":"7B32A454-15AF-4D1F-9B2E-47FA49C54944"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:sma6200:-:*:*:*:*:*:*:*","matchCriteriaId":"57B3C90F-F633-41B9-855E-902F6DC8ACA5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:sma6210_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"12.4.3-02854","matchCriteriaId":"03BAE67D-9500-48C3-9A57-4ACDC78ED2AF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:sma6210:-:*:*:*:*:*:*:*","matchCriteriaId":"7B24D300-1154-49A1-A1F3-FB0CC717166A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:sma7200_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"12.4.3-02854","matchCriteriaId":"5EB0E0F9-14CC-4B29-8026-6A4D3E73B46A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:sma7200:-:*:*:*:*:*:*:*","matchCriteriaId":"4F7B4ED9-7A57-48DC-AAEC-A2C2EAFF3B64"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:sma7210_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"12.4.3-02854","matchCriteriaId":"6C94E32E-8FE8-43C4-B86B-CC7DBD0A9973"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:sma7210:-:*:*:*:*:*:*:*","matchCriteriaId":"E9B414C5-C376-4216-A267-ABC0930905CE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:sra_ex6000_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"12.4.3-02804","matchCriteriaId":"C1E84DDC-2CDB-447D-8403-C93FE16098C5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:sra_ex6000:-:*:*:*:*:*:*:*","matchCriteriaId":"8115B7AF-C785-4F68-9728-A19536EB363F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:sra_ex7000_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"12.4.3-02804","matchCriteriaId":"2F33335D-F5C2-4F1C-819D-452381DC5656"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:sra_ex7000:-:*:*:*:*:*:*:*","matchCriteriaId":"13952D02-29BB-465C-8A5C-6B25CB1BAECD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:sra_ex9000_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"12.4.3-02804","matchCriteriaId":"5C85D8D6-5330-4B9D-A870-5A43E49CEDB2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:sra_ex9000:-:*:*:*:*:*:*:*","matchCriteriaId":"FDFDE82F-600E-48C7-AB15-ADDDFFBFC114"}]}]}],"references":[{"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002","source":"PSIRT@sonicwall.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-23006","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}}]}