SonicWall Patches Critical Flaws in SMA 100 Appliances

The company just released patches to fix three security vulnerabilities in their SMA 100 Secure Mobile Access (SMA) appliances. These aren't just minor issues – they could allow attackers to remotely run code on your systems.

What are the vulnerabilities?

Here's a quick rundown of the flaws:

• CVE-2025-32819 (CVSS score: 8.8): An authenticated attacker could bypass security checks and delete any file, potentially wiping your device back to factory settings!
• CVE-2025-32820 (CVSS score: 8.3): A similar vulnerability allows an attacker to make any directory on the SMA appliance writable. Not good.
• CVE-2025-32821 (CVSS score: 6.7): An attacker with admin privileges could inject shell commands while uploading a file. Think of the possibilities for mischief!

Rapid7 explains that by chaining these vulnerabilities, an attacker could gain root-level remote code execution. Basically, they could take complete control of your system.

Interestingly, CVE-2025-32819 appears to be a bypass for a patch related to a previously reported flaw from NCC Group back in December 2021.

There's even speculation that CVE-2025-32819 might have been exploited as a zero-day vulnerability. Rapid7 mentioned that they found evidence suggesting this during incident response investigations. However, SonicWall hasn't confirmed any active exploitation of this particular flaw.

Which devices are affected?

The vulnerabilities affect the SMA 100 Series, including the SMA 200, 210, 400, 410, and 500v. The fix is available in version 10.2.1.15-81sv.

Why is this important?

This isn't happening in a vacuum. Other security flaws in SMA 100 Series devices (like CVE-2021-20035, CVE-2023-44221, and CVE-2024-38475) have been actively exploited recently. So, patching these new vulnerabilities is crucial to protect your network.

The bottom line: Update your SonicWall SMA 100 Series appliances to version 10.2.1.15-81sv as soon as possible to stay safe!