Active Exploitation of SonicWall SMA Devices Since January 2025

A remote code execution vulnerability affecting SonicWall Secure Mobile Access (SMA) devices has been actively exploited since at least January 2025, according to cybersecurity firm Arctic Wolf. This vulnerability allows attackers to execute arbitrary code on SMA devices, thereby compromising the security of networks using these devices. The specific technical details of the vulnerability were not disclosed in the article. The actual impacts of these attacks were not detailed, but exploitation of this vulnerability could enable attackers to take control of SMA devices and access internal networks.