SonicWall Patches Exploited SMA 1000 Zero-Day

SonicWall patches zero‑day used with earlier flaw.

SonicWall says attackers have been exploiting a privilege escalation bug in the SMA 1000 management console as a zero-day. The flaw, CVE-2025-40602, was found by Google researchers and has been used alongside an older deserialization issue to gain remote code execution with root access. Hotfixes are now available, and CISA has added the bug to its Known Exploited Vulnerabilities (KEV) catalog with an accelerated one-week remediation deadline. SonicWall advises customers to update immediately or apply mitigations restricting management access, noting that its firewall SSL-VPN products are not affected.

Read more:

https://www.securityweek.com/sonicwall-patches-exploited-sma-1000-zero-day/