[[{“value”:”
SonicWall has issued a high-priority security advisory (SNWLID-2025-0010) revealing a critical Server-Side Request Forgery (SSRF) vulnerability in its SMA1000 Appliance Work Place interface.
Tracked as CVE-2025-40595, the vulnerability carries a CVSS v3 score of 7.2, indicating a high-severity risk.
Discovered by security researcher Ronan Kervella of Bishopfox, the flaw could enable remote, unauthenticated attackers to exploit encoded URLs to trick the appliance into sending unauthorised requests to unintended destinations, potentially compromising system security.
The vulnerability affects SonicWall SMA1000 devices running firmware version 12.4.3-02925 (platform-hotfix) or earlier.
According to SonicWall’s Product Security Incident Response Team (PSIRT), this flaw in the Work Place interface could allow attackers to manipulate the appliance’s behavior, potentially accessing internal systems or external resources not intended to be reachable.
“By using an encoded URL, a remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location.” SonicWall said.
Affected Systems and Urgent Fix
The SMA1000, part of SonicWall’s Secure Mobile Access (SMA) product line, is designed to provide secure remote access for organizations. The vulnerability impacts all SMA1000 devices on the specified firmware versions.
Importantly, SonicWall has confirmed that its Firewall and SMA 100 series products are not affected by this issue.
To address the vulnerability, SonicWall has released a hotfix, version 12.4.3-02963 (platform-hotfix) and higher, which fully resolves the SSRF flaw.
The update is available for download through the MySonicWall portal (mysonicwall.com). SonicWall PSIRT strongly urges all SMA1000 users to apply the hotfix immediately to protect their systems from potential exploitation.
The advisory notes that failing to upgrade could leave organizations vulnerable to attacks that could disrupt operations or expose sensitive data.
No Workaround Available
Unlike some vulnerabilities where temporary mitigations can reduce risk, SonicWall has stated that no workaround is available for this issue.
This underscores the urgency of applying the hotfix, as attackers could potentially exploit the flaw without requiring authentication, increasing the likelihood of targeted attacks.
The CVSS vector (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) highlights the ease of exploitation, with low attack complexity and no user interaction or privileges required.
For organizations relying on the SMA1000 for secure remote access, this vulnerability represents a significant risk. SSRF attacks can be particularly dangerous, as they may allow attackers to pivot to internal networks, access sensitive resources, or even chain the vulnerability with other exploits.
With remote work and hybrid environments still prevalent, ensuring the security of remote access solutions like the SMA1000 is paramount.
SonicWall’s swift response in releasing a hotfix demonstrates its commitment to addressing security threats, but the onus is now on administrators to act quickly.
Organizations are advised to verify their SMA1000 firmware version, download the latest hotfix, and apply it as soon as possible.
Additionally, monitoring for unusual network activity and reviewing access logs may help detect any prior exploitation attempts.
How to Discover Vulnerable External Assets Associated with a Domain or an IP? -> Try Cyber Asset Finder for Free
The post SonicWall SMA1000 Vulnerability Let Attackers to Exploit Encoded URLs To Gain Internal Systems Access Remotely appeared first on Cyber Security News.
“}]]
Read More Cyber Security News