SonicWall has patched a local privilege escalation vulnerability (CVE-2025-40602) affecting its Secure Mobile Access (SMA) 1000 appliances and is urging customers to apply the provided hotfix, as the flaw is being leveraged by attackers. “This vulnerability was reported to be leveraged in combination with CVE-2025-23006 to achieve unauthenticated remote code execution with root privileges,” the company said. About CVE-2025-40602 SonicWall Secure Mobile Access (SMA) 1000 appliances/gateways are used by large, distributed enterprises to allow employees … More →
The post Actively exploited SonicWall zero-day patched (CVE-2025-40602) appeared first on Help Net Security.
http://news.poseidon-us.com/TPsxmc
