SonicWall SMA1000 AMC Privilege Escalation

MEDIUM (6.6) No Patch
cwe-250cwe-862appliance-management-consolefirmware-vulnerabilitylocal-privilege-escalationsma1000sonicwall

Threat Intelligence

Low Risk
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: No public exploits found

How we test →

What is it?

The SonicWall SMA1000 appliance management console (AMC) is a network management system used by organizations to monitor and manage their SonicWall firewalls. The vulnerability allows attackers to escalate privileges locally, potentially gaining full administrative access to the device without any user interaction.

Am I affected?

You're affected if you use A local privilege escalation vulnerability due to. Specific version info not stated in the advisory. If you don't recognise this software, you're probably not affected.

Affected Products

SonicWall / SMA1000 AMC

How to fix

  1. Upgrade to firmware version 10.8.2 or later: https://support.sonicwall.com/KB101144.html
  2. Immediate mitigations:
  3. Restrict network access to your SMA1000 instance (firewall it from the public internet)
  4. Audit AMC activity for suspicious access patterns
  5. Monitor for unauthorized privilege escalation attempts

References