
Researchers from Microsoft Threat Intelligence alerted the company to suspected threat activity.
Cybersecurity Dive reports:
SonicWall issued an alert Friday that a critical remote code execution vulnerability in its SMA appliances is under active exploitation by malicious hackers and urged customers to immediately update any vulnerable firmware.
Researchers from Microsoft Threat Intelligence had warned SonicWall about the pre-authentication remote code execution vulnerability, listed at CVE-2025-23006, which could allow attackers with access to the internal interface of the appliance to gain control, according to a post on X. The vulnerability has a severity score of 9.8.
Read more at Cybersecurity Dive.