SonicWall has released a critical security patch addressing CVE-2025-40602, a vulnerability actively exploited in its SMA 100 series appliances. This fix is crucial for organizations using these secure mobile access devices, as the flaw has been observed being used in real-world attacks. Prompt action is required to secure these appliances against ongoing threats.

Details of CVE-2025-40602 and Its Impact

CVE-2025-40602 is described as a post-authentication buffer overflow vulnerability. This type of flaw can lead to remote code execution, meaning that an authenticated attacker could potentially run arbitrary code on the affected appliance. The ability to execute code remotely allows attackers to gain full control over the SMA 100 device, potentially compromising network access, sensitive data, and connected resources. The fact that this vulnerability is actively exploited elevates its risk profile significantly.

Immediate Action: Patching Your SMA 100 Appliances

SonicWall strongly urges all customers using SMA 100 series appliances, including SMA 200, 210, 400, 410, and 500v devices, to apply the released patch immediately. The company has provided specific firmware versions that remediate the vulnerability. Administrators should prioritize updating their devices to the secure versions to prevent further exploitation. Regular security updates and monitoring are essential practices for maintaining a strong security posture against evolving cyber threats.

Source: https://thehackernews.com/2025/12/sonicwall-fixes-actively-exploited-cve.html