Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2025-40602

🗓️ 18 Dec 2025 10:58:41Reported by sonicwallType 
cve
 cve🔗 web.nvd.nist.gov📰️ 9 Media mentions👁 41 Views

Local privilege escalation due to insufficient authorization in SonicWall SMA1000 appliance management console.

Related
Detection
Affected
Refs
Social
ReporterTitlePublishedViews
Family
Circl		CVE-2025-40602
17 Dec 202514:42
circl
CISA KEV Catalog		SonicWall SMA1000 Missing Authorization Vulnerability
17 Dec 202500:00
cisa_kev
CISA		 CISA Adds Three Known Exploited Vulnerabilities to Catalog
17 Dec 202512:00
cisa
CNNVD		SonicWALL SMA1000 安全漏洞
18 Dec 202500:00
cnnvd
Cvelist		CVE-2025-40602
18 Dec 202510:58
cvelist
GithubExploit		Exploit for CVE-2025-40602
18 Dec 202507:32
githubexploit
EUVD		EUVD-2025-204255
18 Dec 202512:30
euvd
NVD		CVE-2025-40602
18 Dec 202511:15
nvd
OSV		CVE-2025-40602
18 Dec 202511:15
osv
Positive Technologies		PT-2025-51891
17 Dec 202500:00
ptsecurity
Rows per page
NVD
Vulners
Node
sonicwallsma6200_firmwareRange<12.4.3-03245
OR
sonicwallsma6200_firmwareRange12.5.012.5.0-02283
AND
sonicwallsma6200Match-
Node
sonicwallsma6210_firmwareRange<12.4.3-03245
OR
sonicwallsma6210_firmwareRange12.5.012.5.0-02283
AND
sonicwallsma6210Match-
Node
sonicwallsma7200_firmwareRange<12.4.3-03245
OR
sonicwallsma7200_firmwareRange12.5.012.5.0-02283
AND
sonicwallsma7200Match-
Node
sonicwallsma7210_firmwareRange<12.4.3-03245
OR
sonicwallsma7210_firmwareRange12.5.012.5.0-02283
AND
sonicwallsma7210Match-
Node
sonicwallsma8200vRange<12.4.3-03245
OR
sonicwallsma8200vRange12.5.012.5.0-02283
[
  {
    "defaultStatus": "unknown",
    "platforms": [
      "Linux"
    ],
    "product": "SMA1000",
    "vendor": "SonicWall",
    "versions": [
      {
        "status": "affected",
        "version": "12.4.3-03093 (platform-hotfix) and earlier versions"
      },
      {
        "status": "affected",
        "version": "12.5.0-02002 (platform-hotfix) and earlier versions"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
19 Dec 2025 13:57Current
6.7Medium risk
Vulners AI Score6.7
CVSS 3.16.6
EPSS0.00385
SSVC
CWE-862CWE-250In Wild
local privilege escalationinsufficient authorizationSonicWall SMA1000appliance management
41