
Critical Vulnerability in SonicWall SMA 100 Devices Exploited by Overstep Malware
SonicWall has addressed a critical vulnerability, CVE-2025-40599 (CVSS score 9.1), affecting its SMA 100 devices. The flaw has been actively exploited in attacks involving the Overstep malware. It allows arbitrary code execution after authentication, which poses a significant risk to enterprise networks that rely on these devices for secure remote access. Exploitation can lead to severe consequences, including unauthorized access to internal networks and potential data breaches.

Immediate patching is crucial to mitigate the risk. Experts recommend checking installations for Indicators of Compromise (IoCs) linked to these attacks. Organizations should also enhance their monitoring and detection capabilities to identify any signs of compromise related to Overstep malware. Because the flaw is exploited post-authentication, strengthening authentication mechanisms and monitoring authenticated sessions can also help reduce the risk of exploitation.

The active exploitation of this vulnerability underscores the importance of maintaining robust cybersecurity practices and having an effective incident response plan in place.