好的,我现在需要帮用户总结一篇文章的内容,控制在100字以内。首先,我得仔细阅读文章内容,理解主要信息。 文章主要讲的是SonicWall公司警告客户修补SMA1000设备中的一个漏洞。这个漏洞被用于零日攻击中,导致权限提升。漏洞的严重程度是中等,由Google的研究人员发现。攻击者结合了另一个高危漏洞CVE-2025-23006,实现了远程代码执行。目前有超过950台设备暴露在互联网上。 接下来,我需要提取关键点:SonicWall警告、SMA1000漏洞、零日攻击、权限提升、CVE编号、影响范围和修复建议。 然后,我要把这些信息浓缩成一句话,不超过100字。要确保包含主要实体和动作,比如公司、产品、漏洞、攻击类型和建议措施。 最后,检查语言是否简洁明了,没有多余的信息。 </think> SonicWall警告客户修补SMA1000设备中的一个本地权限提升漏洞(CVE-2025-40602),该漏洞被用于零日攻击中结合另一个高危预身份验证反序列化漏洞(CVE-2025-23006),实现远程代码执行并获取root权限。超过950台设备暴露于互联网。 2025-12-17 17:45:16 Author: www.bleepingcomputer.com(查看原文) 阅读量:3 收藏
SonicWall warned customers today to patch a vulnerability in the SonicWall SMA1000 Appliance Management Console (AMC) that was chained in zero-day attacks to escalate privileges.
According to SonicWall, this medium-severity local privilege escalation security flaw (CVE-2025-40602) was reported by Clément Lecigne and Zander Work of the Google Threat Intelligence Group, and doesn't affect SSL-VPN running on SonicWall firewalls.
"SonicWall PSIRT strongly advises users of the SMA1000 product to upgrade to the latest hotfix release version to address the vulnerability," the company said in a Wednesday advisory.
Remote unauthenticated attackers chained this vulnerability with a critical-severity SMA1000 pre-authentication deserialization flaw (CVE-2025-23006) in zero-day attacks to execute arbitrary OS commands under specific conditions.
"This vulnerability was reported to be leveraged in combination with CVE-2025-23006 (CVSS score 9.8) to achieve unauthenticated remote code execution with root privileges. CVE-2025-23006 was remediated in build version 12.4.3-02854 (platform-hotfix) and higher versions (released on Jan 22, 2025)."
Internet watchdog Shadowserver currently tracks over 950 SMA1000 appliances exposed online, though some may already have been patched against this attack chain.
SMA1000 is a secure remote access appliance used by large organizations to provide VPN access to corporate networks. Given their critical roles across enterprises, government, and critical infrastructure organizations, unpatched flaws pose a particularly high risk of exploitation.
Last month, SonicWall linked state-backed hackers to a September security breach that exposed customers' firewall configuration backup files, roughly one month after researchers warned of over 100 SonicWall SSLVPN accountscompromised using stolen credentials.
In September, it also released a firmware update to help IT admins remove OVERSTEP rootkit malware deployed in attacks against SMA 100 series devices.
One month earlier, SonicWall dismissed claims that the Akira ransomware gang was hacking Gen 7 firewalls using a potential zero-day exploit and tied the incidents to a critical vulnerability (CVE-2024-40766) patched in November 2024.
Cybersecurity firm Rapid7 and the Australian Cyber Security Center (ACSC) later confirmed SonicWall's findings, saying the Akira gang is exploiting CVE-2024-40766 to target unpatched SonicWall devices.
Break down IAM silos like Bitpanda, KnowBe4, and PathAI
Broken IAM isn't just an IT problem - the impact ripples across your whole business.
This practical guide covers why traditional IAM practices fail to keep up with modern demands, examples of what "good" IAM looks like, and a simple checklist for building a scalable strategy.
如有侵权请联系:admin#unsafe.sh