CVE-2025-40602

MEDIUM CISA KEV

Published Dec 18, 2025 Modified Dec 19, 2025 CWE-250 CWE-862

Description

A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC).

CVSS v3.1 Score

6.6

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild.

Added: Dec 17, 2025 Remediation due: Dec 24, 2025

Weakness Type (CWE)

CWE-250 CWE-250

CWE-862 Missing Authorization

Affected Products

Vendor	Product	Versions
sonicwall	sma6200_firmware	< 12.4.3-03245
sonicwall	sma6200_firmware	12.5.0 — 12.5.0-02283
sonicwall	sma6200	All
sonicwall	sma6210_firmware	< 12.4.3-03245
sonicwall	sma6210_firmware	12.5.0 — 12.5.0-02283
sonicwall	sma6210	All
sonicwall	sma7200_firmware	< 12.4.3-03245
sonicwall	sma7200_firmware	12.5.0 — 12.5.0-02283
sonicwall	sma7200	All
sonicwall	sma7210_firmware	< 12.4.3-03245
sonicwall	sma7210_firmware	12.5.0 — 12.5.0-02283
sonicwall	sma7210	All
sonicwall	sma8200v	< 12.4.3-03245
sonicwall	sma8200v	12.5.0 — 12.5.0-02283

References

Advisories & Patches

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0019

Other References

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-40602

Frequently Asked Questions

What is CVE-2025-40602? +

A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC). It has a CVSS v3.1 base score of 6.6 (MEDIUM). This vulnerability is listed in CISA's Known Exploited Vulnerabilities catalog, indicating active exploitation in the wild.

How severe is CVE-2025-40602? +

CVE-2025-40602 has a CVSS v3.1 score of 6.6 out of 10, rated MEDIUM. This is a medium-severity vulnerability that should be remediated as part of regular maintenance.

What products are affected by CVE-2025-40602? +

CVE-2025-40602 affects products from sonicwall, specifically: sma6200, sma6200_firmware, sma6210, sma6210_firmware, sma7200, sma7200_firmware, sma7210, sma7210_firmware, sma8200v. Check the affected products table above for specific version ranges.

How do I check if I'm vulnerable to CVE-2025-40602? +

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2026-8370

Execution with unnecessary privileges vulnerability in Broadcom Automic Automation Agent Unix on Linux x64, Linux Power 64 BE, Linux Power …

CVE-2026-40550

mpGabinet is vulnerable to Privilege Escalation due to excessive database privileges assigned to the user used by the application. An …

CVE-2024-43650

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Iocharger firmware for AC models allows OS …

CVE-2024-43651

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability allows OS Command Injection as root This issue …

CVE-2024-43655

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability allows OS Command Injection as root This issue …

CVE-2025-22366

The authenticated firmware update capability of the firmware for Mennekes Smart / Premium Chargingpoints can be abused for command execution …

Quick Facts

CVSS Score: 6.6
Severity: MEDIUM
Published: Dec 18, 2025
KEV: Active Exploit

Scan for this vulnerability

Check if your website or infrastructure is affected by CVE-2025-40602.

Website Scan Port Scan

Browse CVEs

Critical High CISA KEV ! Most likely exploited →