CNNVD-202512-3486 Information

CNNVD ID

CNNVD-202512-3486

Related CVE

CVE-2025-40602

• CNNVD Published: 2025-12-18

Description (Chinese)

SonicWALL SMA1000是美国SonicWALL公司的一系列安全移动访问解决方案。简化了对跨本地、云和混合数据中心托管的企业资源的端到端安全远程访问。 SonicWALL SMA1000存在安全漏洞，该漏洞源于授权不足，可能导致本地权限提升。

Description (English)

SonicWALL SMA1000 is a series of secure mobile access solutions for SonicWALL in the United States. Remote end-to-end access to enterprise resources hosted across local, cloud and hybrid data centres was simplified. There is a security loophole in SonicWALL SMA1000, which stems from inadequate delegation of authority, which may lead to local empowerment.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

SonicWALL

Published

2025-12-18

Last Modified

2026-02-24

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0019 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-40602

Patch

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0019