CVE-2025-40602 | Severity.io

Description

A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC).

Related CPE's

sonicwall

sma6200_firmware

sonicwall

sma6210_firmware

sonicwall

sma7200_firmware

sonicwall

sma7210_firmware

sonicwall

sma8200v

References

Vendor Advisory

US Government Resource

Weaknesses

Secondary

CWE-250CWE-862

CVSS impact metrics

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

6.6 · Medium

Information

Source identifier

Vulnerability status

Analyzed

Published

2025-12-18T11:15:46.760

28 hours ago

Last modified

2025-12-19T13:57:43.150

1 hour ago