CVE-2025-40602CISA KEV: Actively Exploited

SonicWall SMA1000 Missing Authorization Vulnerability

Published Dec 17, 2025·Updated Dec 17, 2025

Description

SonicWall SMA1000 contains a missing authorization vulnerability that could allow for privilege escalation appliance management console (AMC) of affected devices.

Public Exploits & PoCs2 found

PoC: CVE-2025-40602

Detection for CVE-2025-40602

PoC: CVE-2025-40602

CVE-2025-40602 is a local privilege escalation vulnerability in the appliance management console (AMC) of SonicWall Secure Mobile Access (SMA) 1000 series appliances.

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Start monitoring free