CVE-2025-23006 Information

Description

Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands.

Reference

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002