1. Home
  2. Technology
  3. Article

Hackers are breaking SonicWall products to target business networks

Hackers are breaking SonicWall products to target business networks

Share:
Hackers are breaking SonicWall products to target business networks
Technology
Source: Techradar
Published: Jan, 28 2025 15:13

Instances at the edge are being increasingly targeted. When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Hackers are abusing a zero-day in a SonicWall product to break into corporate networks and deploy malware, experts have warned.

[Google Chrome Web Store for Enterprises]
Image Credit: TechRadar [Google Chrome Web Store for Enterprises]

In a security advisory, SonicWall urged its users to apply the patch, or deploy a workaround, as soon as possible. The vulnerability is tracked as CVE-2025-23006. The National Vulnerability Database (NVD) gave it a severity score of 9.6/10 - critical. It was discovered by Microsoft in the SMA 1000 Appliance Management Console (AMC) and Central Management Console (CMC), tools designed to manage and control SonicWall network security devices, particularly in environments where secure remote access and centralized management are priorities.

[Apple's new
Image Credit: TechRadar [Apple's new "Share Item Location" feature for AirTags.]

The bug was described as a “pre-authentication deserialization of untrusted data”, and says it can, in specific conditions, enable a remote unauthenticated attacker to execute arbitrary OS commands. “SonicWall PSIRT has been notified of possible active exploitation of the referenced vulnerability by threat actors,” the advisory reads. “We strongly advise users of the SMA1000 product to upgrade to the hotfix release version to address the vulnerability.”.

[Representational image of a hacker]
Image Credit: TechRadar [Representational image of a hacker]

Both SonicWall and Microsoft are not saying who the attackers are, who the victims were, or how many there were. Citing results from the Shodan search engine, BleepingComputer said there are “several thousand” SMA 1000 appliances exposed on the internet, hinting a potentially wide attack landscape for the threat actors. In recent times, threat actors have been increasingly focusing on edge devices, since they’re not as diligently monitored and allow them to break into the target infrastructure and move laterally, while remaining somewhat hidden.

[Representational image depecting cybersecurity protection]
Image Credit: TechRadar [Representational image depecting cybersecurity protection]

Continue reading...

Share:

More for You

Watch out, your office phone could be hijacked into a Mirai botnet
Watch out, your office phone could be hijacked into a Mir... Watch out, your office phone could be hijacked into a Mirai botnet Techradar
The 10 worst software disasters of 2024: cyberattacks, malicious AI, and silent threats
The 10 worst software disasters of 2024: cyberattacks, ma... The 10 worst software disasters of 2024: cyberattacks, malicious AI, and silent threats Techradar
Google wants to give IT admins more control over what Chrome extensions you use at work
Google wants to give IT admins more control over what Chr... Google wants to give IT admins more control over what Chrome extensions you use at work Techradar
Threat of cyber-attacks on Whitehall ‘is severe and advancing quickly’, NAO says
Threat of cyber-attacks on Whitehall ‘is severe and advan... Threat of cyber-attacks on Whitehall ‘is severe and advancing quickly’, NAO says The Guardian
DeepSeek security breach - critical databases exposed, more than one million records reportedly leaked
DeepSeek security breach - critical databases exposed, mo... DeepSeek security breach - critical databases exposed, more than one million records reportedly leaked Techradar

Top Followed

Sky teases launch of new ‘smarter, brighter and better than ever’ mystery product coming in weeks
21
Sky teases launch of new ‘smarter, brighter and better th... Sky teases launch of new ‘smarter, brighter and better than ever’ mystery product coming in weeks The Sun
Everyone is making the same joke about forecast map showing odd-shaped winter storm
18
Everyone is making the same joke about forecast map showi... Everyone is making the same joke about forecast map showing odd-shaped winter storm Mail Online
Apple's bad blood with Nvidia continues, after decades of fighting
8
Apple's bad blood with Nvidia continues, after decades of... Apple's bad blood with Nvidia continues, after decades of fighting Apple Insider
Why has Elon Musk changed his X name to Kekius Maximus? Reason behind meme-inspired crypto token Twitter handle
5
Why has Elon Musk changed his X name to Kekius Maximus? R... Why has Elon Musk changed his X name to Kekius Maximus? Reason behind meme-inspired crypto token Twitter handle The Sun
Scientist challenges 'out of Africa' theory with new origin for modern humans
4
Scientist challenges 'out of Africa' theory with new orig... Scientist challenges 'out of Africa' theory with new origin for modern humans Mail Online

Trending

You Might Also Like

How to share Safari tabs across different devices with iCloud Tabs
How to share Safari tabs across different devices with iCloud Tabs How to share Safari tabs across different devices with iC...
Apple Insider
M4 Mac mini may have a USB-C connectivity problem
M4 Mac mini may have a USB-C connectivity problem M4 Mac mini may have a USB-C connectivity problem
Apple Insider
Vego Kitchen Composter review: keep food scraps out of the trash
Vego Kitchen Composter review: keep food scraps out of the trash Vego Kitchen Composter review: keep food scraps out of the trash
Apple Insider
Canon's new app turns your iPhones & iPads into a multicam streaming setup
Canon's new app turns your iPhones & iPads into a multicam streaming setup Canon's new app turns your iPhones & iPads into a multica...
Apple Insider
GoChess Lite review: a surprisingly effective way to get better at chess
GoChess Lite review: a surprisingly effective way to get better at chess GoChess Lite review: a surprisingly effective way to get ...
Apple Insider
iPhone 17 rumored to get much more powerful cooling system
iPhone 17 rumored to get much more powerful cooling system iPhone 17 rumored to get much more powerful cooling system
Apple Insider
M4 Mac mini review three months later: the perfect headless Mac
M4 Mac mini review three months later: the perfect headless Mac M4 Mac mini review three months later: the perfect headless Mac
Apple Insider
How to upgrade the SSD in your M4 Mac mini
How to upgrade the SSD in your M4 Mac mini How to upgrade the SSD in your M4 Mac mini
Apple Insider
Worst & weirdest at CES 2025 -- Robotic owls, phone toasters, & unnecessary AI
Worst & weirdest at CES 2025 -- Robotic owls, phone toasters, & unnecessary AI Worst & weirdest at CES 2025 -- Robotic owls, phone toast...
Apple Insider
Brother HL-L2865DW printer review
Brother HL-L2865DW printer review Brother HL-L2865DW printer review
Techradar
Asus ProArt Display 5K review: 27-inch Retina for a bargain
Asus ProArt Display 5K review: 27-inch Retina for a bargain Asus ProArt Display 5K review: 27-inch Retina for a bargain
Apple Insider
Sigma announces two more prime lenses for Canon cameras, but I'm still waiting for full-frame third-party glass
Sigma announces two more prime lenses for Canon cameras, but I'm still waiting for full... Sigma announces two more prime lenses for Canon cameras, ...
Techradar