Serial number: AV25-845
Date: December 17, 2025
Updated: December 17, 2025
On December 17, 2025, SonicWall published a security advisory to address a vulnerability in the following product:
- SMA 100 – versions 12.4.3-03093 (platform-hotfix) and prior
- SMA 100 – versions 12.5.0-02002 (platform-hotfix) and prior
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.
Update 1
On December 17, 2025, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-40602 to their Known Exploited Vulnerabilities (KEV) Database.
Open-source reporting indicates that CVE-2025-40602 is being exploited.