Sonicwall SMA100: Three products affected by critical vulnerability – Update now

There is a security vulnerability in the SMA 210, 410 and 500v remote access solutions of the Sonicwall SMA100 series. The manufacturer advises users to update quickly.

A critical security vulnerability threatens three products for secure mobile access (SMA) from Sonicwall's SMA100 series: SMA 210, 410 and 500v.

The manufacturer urgently advises users to upgrade the firmware, even though there are no indications of active exploitation so far. There is a “potential risk,” especially because Google's Threat Intelligence Group recently published a paper describing current attacks in the wild; those attacks, however, target older, previously known vulnerabilities in the SMA 100 series.

The SMA1000 series is explicitly not affected by the current vulnerability.

Firmware versions up to and including 10.2.1.15-81sv are vulnerable. Versions from 10.2.2.1-90sv upwards are secured. There is no workaround. Users should urgently follow the additional notes in the “Comments” section of Sonicwall's security warning, which contain step-by-step instructions, especially for the SMA 500v.

According to Sonicwall, a remote attacker can exploit the critical vulnerability, tracked as CVE-2025-40599 (CVSS score 9.1), under certain conditions to upload arbitrary files to the system and, in the worst case, to execute code (remote code execution). Exploitation requires, however, that the attacker has admin rights.
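An added example (not from the article or from Sonicwall): a Python check that sorts an appliance inventory by the firmware ranges stated above. The version-string pattern is inferred from the two versions quoted in the article, and the hostnames and inventory entries are constructed.

```python
import re

# Bounds and model list are taken from the article. The version format is an
# assumption inferred from the two version strings quoted there.
LAST_VULNERABLE = "10.2.1.15-81sv"
FIRST_FIXED = "10.2.2.1-90sv"
AFFECTED_MODELS = {"SMA 210", "SMA 410", "SMA 500v"}
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)\.(\d+)-(\d+)sv$")


def parse_version(text):
    """Return a comparable tuple (a, b, c, d, build), or None if malformed."""
    match = _VERSION_RE.match(text.strip())
    return tuple(int(g) for g in match.groups()) if match else None


def classify(model, firmware):
    """Classify one appliance against the ranges stated in the article."""
    if model.strip() not in AFFECTED_MODELS:
        return "not-in-scope"  # e.g. the SMA1000 series
    version = parse_version(firmware)
    if version is None:
        return "unparseable"  # needs a manual look, never assume "fixed"
    if version <= parse_version(LAST_VULNERABLE):
        return "vulnerable"
    if version >= parse_version(FIRST_FIXED):
        return "fixed"
    # The article makes no statement about builds between the two bounds.
    return "undetermined"


# Constructed inventory for illustration; not real devices.
SAMPLE_INVENTORY = [
    ("vpn-edge-01", "SMA 410", "10.2.1.15-81sv"),
    ("vpn-edge-02", "SMA 210", "10.2.2.1-90sv"),
    ("vpn-lab-01", "SMA 500v", "10.2.1.9-57sv"),
    ("vpn-lab-02", "SMA 500v", "10.2.1.16-3sv"),
    ("vpn-dc-01", "SMA1000-series", "n/a"),
    ("vpn-edge-03", "SMA 210", "unknown"),
]


def audit(inventory):
    """Map each hostname to its classification."""
    return {host: classify(model, fw) for host, model, fw in inventory}


if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host:12} {status}")
```

Entries reported as "undetermined" or "unparseable" should be checked against Sonicwall's advisory rather than treated as patched.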

(ovw)

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.