<ul><li>SonicWall addressed three SMA 100 vulnerabilities, including a potential zero-day, that could allow remote code execution if chained.</li><li>The vulnerabilities (CVE-2025-32819, CVE-2025-32820, and CVE-2025-32821) involve file deletion, path traversal, and command injection.</li><li>Rapid7 researchers discovered the flaws in April 2025 and demonstrated a full exploit chain leading to root-level remote code execution.</li><li>The vulnerabilities have been fixed in version 10.2.1.15-81sv, and it is believed that they may have been exploited in real-world attacks.</li></ul>

SonicWall fixed SMA 100 flaws that could be chained to execute arbitrary code

Discover more