Vulnerability Details CVE-2025-40602
A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 81.9%
CVSS Severity
CVSS v3 Score 6.6
Proposed Action
SonicWall SMA1000 contains a missing authorization vulnerability that could allow for privilege escalation appliance management console (AMC) of affected devices.
Ransomware Campaign
Unknown
References
Products affected by CVE-2025-40602
-
cpe:2.3:a:sonicwall:sma8200v:*
-
cpe:2.3:a:sonicwall:sma8200v:-
-
cpe:2.3:a:sonicwall:sma8200v:12.4.3-02804
-
cpe:2.3:a:sonicwall:sma8200v:12.4.3-02854
-
cpe:2.3:h:sonicwall:sma6200:-
-
cpe:2.3:h:sonicwall:sma6210:-
-
cpe:2.3:h:sonicwall:sma7200:-
-
cpe:2.3:h:sonicwall:sma7210:-
-
cpe:2.3:o:sonicwall:sma6200_firmware:*
-
cpe:2.3:o:sonicwall:sma6200_firmware:-
-
cpe:2.3:o:sonicwall:sma6200_firmware:12.4.3-02804
-
cpe:2.3:o:sonicwall:sma6200_firmware:12.4.3-02854
-
cpe:2.3:o:sonicwall:sma6210_firmware:*
-
cpe:2.3:o:sonicwall:sma6210_firmware:-
-
cpe:2.3:o:sonicwall:sma6210_firmware:12.4.3-02804
-
cpe:2.3:o:sonicwall:sma6210_firmware:12.4.3-02854
-
cpe:2.3:o:sonicwall:sma7200_firmware:*
-
cpe:2.3:o:sonicwall:sma7200_firmware:-
-
cpe:2.3:o:sonicwall:sma7200_firmware:12.4.3-02804
-
cpe:2.3:o:sonicwall:sma7200_firmware:12.4.3-02854
-
cpe:2.3:o:sonicwall:sma7210_firmware:*
-
cpe:2.3:o:sonicwall:sma7210_firmware:-
-
cpe:2.3:o:sonicwall:sma7210_firmware:12.4.3-02804
-
cpe:2.3:o:sonicwall:sma7210_firmware:12.4.3-02854