SonicWall has fixed multiple vulnerabilities affecting its SMA100 Series devices, one of which (CVE-2025-32819) appears to be a patch bypass for an arbitrary file delete vulnerability that was exploited in zero-day attacks in early 2021, and may have also been leveraged in the wild. The vulnerabilities and the attack chain Sonicwall SMA100 Series appliances provide a unified secure access (VPN) gateway for small and medium-size businesses, and are regularly targeted by attackers. Reported by Rapid7 … More

The post Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819) appeared first on Help Net Security.