Patch Now: SonicWall SMA1000 Flaw (CVE-2025-40595) Enables Stealth SSRF Attacks - #CVE-2025-40595
A critical Server-Side Request Forgery (SSRF) vulnerability has been identified in SonicWall SMA1000 series appliances, posing a significant security risk. The flaw, designated as CVE-2025-40595 with a CVSS score of 7.2, affects the WorkPlace interface of SMA1000 Appliances up to version 12.4.3-02925. Unauthenticated attackers could exploit this vulnerability to make unauthorized requests to internal resources, potentially allowing them to pivot within networks and access protected systems. SonicWall has released a patch to address this issue, urging users to update to version 12.4.3-02963 or later immediately. This vulnerability highlights the importance of prompt patching and maintaining up-to-date security measures in network appliances.