CVE-2025-23006 – IoT OT Security News

CISA KEV 警告 25/01/24：SonicWall SMA1000 の脆弱性 CVE-2025-23006 を登録

U.S. CISA adds SonicWall SMA1000 flaw to its Known Exploited Vulnerabilities catalog

2025/01/24 SecurityAffairs — 米国の Cybersecurity and Infrastructure Security Agency (CISA) は、SonicWall SMA1000 の Appliance Management Console (AMC／Central Management Console (CMC) に存在する脆弱性 CVE-2025-23006 を、Known Exploited Vulnerabilities (KEV) に登録した。

SonicWall SMA1000 の脆弱性 CVE-2025-23006 (CVSS 9.8) が FIX：悪用も検出

CVE-2025-23006 (CVSS 9.8): SonicWall Warns of Active Exploits, Issues Urgent Update for SMA1000 Users

2025/01/23 SecurityOnline — SonicWall が発行したのは、SMA1000 の Appliance Management Console (AMC) と Central Management Console (CMC) に存在する深刻な脆弱性に関する緊急セキュリティ・アドバイザリである。この、認証を必要としないリモート・コマンド実行の脆弱性 CVE-2025-23006 (CVSS：9.8) により、攻撃者は標的とするデバイスを完全に侵害できるという。

API (238)
APT (523)
Asia (398)
AuthN AuthZ (789)
BruteForce (66)
BugBounty (73)
CyberAttack (3,201)
DarkWeb (228)
DataBreach (550)
DataLeak (194)
DDoS (164)
DoubleExtortion (15)
Exploit (1,361)
Literacy (2,281)
LOLbin (57)
MageCartAttack (14)
Malware (1,421)
MCP (16)
MisConfiguration (57)
NHI (8)
Outage (106)
ParadigmShift (181)
Privacy (240)
Protection (649)
RaaS (121)
Ransomware (721)
RAT (777)
Repository (325)
Research (1,210)
Resilience (133)
Scammer (614)
SecTools (210)
SocialEngineering (47)
SupplyChain (404)
TTP (1,001)
Uncategorized (11)
Vulnerability (4,503)
WateringHoleAttack (4)
Zero Trust (382)
_AI/ML (306)
_CDN (4)
_Cloud (364)
_Container (73)
_CryptCcurrency (40)
_Defence (162)
_Education (8)
_Finance (160)
_Government (1,037)
_HealthCare (47)
_Human (51)
_ICS (85)
_IDS/IPS (182)
_Industry (221)
_Infrastructure (129)
_Mobile (162)
_OpenSource (1,385)
_PLC (39)
_Regulation (158)
_Retail (76)
_RTOS (6)
_Space (26)
_Statistics (415)
_Storage (70)
_Telecom (77)
_Transportation (56)