CVE-2025-40602

KEV
Published: Dic 18, 2025 Last Modified: Dic 19, 2025
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 6,6
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Attack Vector: network
Attack Complexity: high
Privileges Required: high
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high

Description

AI Translation Available

A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC).

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0186
Percentile
0,8th
Updated

EPSS Score Trend (Last 40 Days)

250

Execution with Unnecessary Privileges

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Confidentiality Integrity Availability Access Control
Potential Impacts:
Gain Privileges Or Assume Identity Execute Unauthorized Code Or Commands Read Application Data Dos: Crash, Exit, Or Restart
Applicable Platforms
Technologies: Mobile
Likelihood of Exploit: Medium
View CWE Details
862

Missing Authorization

Incomplete
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Confidentiality Integrity Access Control Availability
Potential Impacts:
Read Application Data Read Files Or Directories Modify Application Data Modify Files Or Directories Gain Privileges Or Assume Identity Bypass Protection Mechanism Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Dos: Resource Consumption (Other)
Applicable Platforms
Technologies: AI/ML, Database Server, Not Technology-Specific, Web Server
Likelihood of Exploit: High
View CWE Details
Operating System

Sma6210 Firmware by Sonicwall

Product Information
Vendor Sonicwall
Product Sma6210 Firmware
Version Range Affected
To 12.4.3-03245 (exclusive)
cpe:2.3:o:sonicwall:sma6210_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Sma7210 Firmware by Sonicwall

Product Information
Vendor Sonicwall
Product Sma7210 Firmware
Version Range Affected
From 12.5.0 (inclusive)
To 12.5.0-02283 (exclusive)
cpe:2.3:o:sonicwall:sma7210_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Sma8200V by Sonicwall

Product Information
Vendor Sonicwall
Product Sma8200V
Version Range Affected
From 12.5.0 (inclusive)
To 12.5.0-02283 (exclusive)
cpe:2.3:a:sonicwall:sma8200v:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Sma7200 Firmware by Sonicwall

Product Information
Vendor Sonicwall
Product Sma7200 Firmware
Version Range Affected
From 12.5.0 (inclusive)
To 12.5.0-02283 (exclusive)
cpe:2.3:o:sonicwall:sma7200_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Sma7200 Firmware by Sonicwall

Product Information
Vendor Sonicwall
Product Sma7200 Firmware
Version Range Affected
To 12.4.3-03245 (exclusive)
cpe:2.3:o:sonicwall:sma7200_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Sma6210 Firmware by Sonicwall

Product Information
Vendor Sonicwall
Product Sma6210 Firmware
Version Range Affected
From 12.5.0 (inclusive)
To 12.5.0-02283 (exclusive)
cpe:2.3:o:sonicwall:sma6210_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Sma7210 Firmware by Sonicwall

Product Information
Vendor Sonicwall
Product Sma7210 Firmware
Version Range Affected
To 12.4.3-03245 (exclusive)
cpe:2.3:o:sonicwall:sma7210_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Sma8200V by Sonicwall

Product Information
Vendor Sonicwall
Product Sma8200V
Version Range Affected
To 12.4.3-03245 (exclusive)
cpe:2.3:a:sonicwall:sma8200v:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Sma6200 Firmware by Sonicwall

Product Information
Vendor Sonicwall
Product Sma6200 Firmware
Version Range Affected
From 12.5.0 (inclusive)
To 12.5.0-02283 (exclusive)
cpe:2.3:o:sonicwall:sma6200_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Sma6200 Firmware by Sonicwall

Product Information
Vendor Sonicwall
Product Sma6200 Firmware
Version Range Affected
To 12.4.3-03245 (exclusive)
cpe:2.3:o:sonicwall:sma6200_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://www.cisa.gov/known-exploited-vulnerabilities-catalo…
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025…
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-…
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0019