vulnerability
SonicWall SMA 100: CVE-2025-40603: SonicWall SMA100 Potential Exposure of Sensitive Information in Log File
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:M/Au:M/C:C/I:N/A:N) | Oct 30, 2025 | Nov 10, 2025 | Nov 12, 2025 |
Severity
6
CVSS
(AV:N/AC:M/Au:M/C:C/I:N/A:N)
Published
Oct 30, 2025
Added
Nov 10, 2025
Modified
Nov 12, 2025
Description
A potential exposure of sensitive information in log files in SonicWall SMA100 Series appliances may allow a remote, authenticated administrator, under certain conditions to view partial users credential data.SonicWall strongly recommends that users of the SMA 100 series products (SMA 210, 410, and 500v) upgrade to the specified fixed release version to remediate this vulnerability. SonicWall PSIRT is not aware of active exploitation of this vulnerability in the wild. No reports of a PoC have been made public and malicious use of this vulnerability has not been reported to SonicWall.
Solution
sonicwall-sma-100-upgrade-10_2_2_3
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.