SonicWall Secure Mobile Access < 10.2.1.15-81sv (SNWLID-2025-0011)

high Nessus Plugin ID 235656

Synopsis

The remote host is missing a security update.

Description

The version of SonicWall Secure Mobile Access installed on the remote host is prior to 10.2.1.15-81sv. It is, therefore, affected by multiple vulnerabilities as referenced in the SNWLID-2025-0011 advisory:

- A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings.
(CVE-2025-32819)

- A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges can inject a path traversal sequence to make any directory on the SMA appliance writable. (CVE-2025-32820)

- A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell command arguments to upload a file on the appliance. (CVE-2025-32821)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade SonicWall Secure Mobile Access version 10.2.1.15-81sv or later.

See Also

http://www.nessus.org/u?73dcef8b

Plugin Details

Severity: High

ID: 235656

File Name: sonicwall_sma_SNWLID-2025-0011.nasl

Version: 1.1

Type: remote

Family: CGI abuses

Published: 5/9/2025

Updated: 5/9/2025

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.0

CVSS v2

Risk Factor: High

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2025-32819

CVSS v3

Risk Factor: High

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: x-cpe:/o:sonicwall:firmware

Required KB Items: installed_sw/SonicWall Secure Mobile Access, Settings/ParanoidReport

Patch Publication Date: 5/7/2025

Vulnerability Publication Date: 5/7/2025

Reference Information

CVE: CVE-2025-32819, CVE-2025-32820, CVE-2025-32821

IAVA: 2025-A-0319