Zero-Day Vulnerability in SonicWall SMA 1000 Reportedly...

Zero-Day Vulnerability in SonicWall SMA 1000 Reportedly Exploited In The Wild (CVE-2025-23006)

On January 22, 2025, SonicWall published an advisory (SNWLID-2025-0002) for a newly disclosed vulnerability in its Secure Mobile Access (SMA) 1000 product, a remote access solution:

CVE: CVE-2025-23006

According to SonicWall, this vulnerability reportedly has been exploited in the wild by threat actors. This information was given to SonicWall by researchers at the Microsoft Threat Intelligence Center (MSTIC), who are credited with discovering this flaw

For more information about this vulnerability, including the availability of patches and Tenable product coverage, please visit our blog.

Cyber Exposure Alerts

Vulnerability Watch

Forum Discussion

Zero-Day Vulnerability in SonicWall SMA 1000 Reportedly...

Recent Discussions

FAQ on Exploited Zero-Day Flaws in Cisco ASA and FTD Devices (CVE-2025-20333, CVE-2025-20362)

Microsoft’s September 2025 Patch Tuesday Addresses 80 CVEs (CVE-2025-55234)

Frequently Asked Questions About Chinese State-Sponsored Actors Compromising Global Networks

CVE-2025-7775: Citrix NetScaler ADC and Gateway Zero-Day RCE Vulnerability Exploited in the Wild

CVE-2025-25256: Proof of Concept Released for Fortinet FortiSIEM Command Injection Vulnerability

Americas

Europe

Asia / Australia