What is the CVSS score of CVE-2025-23006?

CVE-2025-23006 has a CVSS 3.1 base score of 9.8 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 61.3%.

Which versions of Sma8200V are affected by CVE-2025-23006?

Organizations using Pre-authentication deserialization of untrusted data vulnerability face critical risk from CVE-2025-23006, a insecure deserialization vulnerability rated CVSS 9.8.

Is CVE-2025-23006 being actively exploited?

Yes, CVE-2025-23006 is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, confirming active in-the-wild exploitation. Immediate patching is required.

How to fix or mitigate CVE-2025-23006?

Within 24 hours: Identify all affected systems and apply vendor patches immediately. Restrict deserialization to trusted data sources and implement integrity checks.

Sma8200V CVE-2025-23006

CRITICAL

Deserialization of Untrusted Data (CWE-502)

2025-01-23 PSIRT@sonicwall.com

Deserialization Sma8200V Sma6200 Firmware Sma6210 Firmware Sma7200 Firmware Sma7210 Firmware Sra Ex6000 Firmware Sra Ex7000 Firmware Sra Ex9000 Firmware

9.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 18:05 vuln.today

Added to CISA KEV

Oct 31, 2025 - 15:56 cisa

CISA KEV

CVE Published

Jan 23, 2025 - 12:15 nvd

CRITICAL 9.8

DescriptionNVD

Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands.

AnalysisAI

SonicWall SMA1000 AMC and CMC contain a pre-authentication deserialization vulnerability allowing unauthenticated remote attackers to execute arbitrary OS commands on the management appliance.

Technical ContextAI

The CWE-502 deserialization flaw in the Appliance Management Console (AMC) and Central Management Console (CMC) processes untrusted serialized data before authentication, allowing attackers to inject malicious objects that execute OS commands.

RemediationAI

Apply SonicWall security patches. Restrict management console access to trusted networks. Rotate all credentials stored on the SMA1000.

CVE-2025-23006 vulnerability details – vuln.today

Back

Sma8200V CVE-2025-23006

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code