SonicWall, a California-based cybersecurity vendor, is facing a significant rise in vulnerabilities within its range of devices and software, putting users at increased risk of cyber intrusions. The year commenced with the company unveiling nine security advisories on January 7, and as of now, the total number of publicly disclosed vulnerabilities has escalated to 20.
Moreover, these vulnerabilities are prominent in the Cybersecurity and Infrastructure Security Agency’s known exploited vulnerabilities (KEV) catalog, reflecting a growing trend as cybercriminals specifically target SonicWall products. According to cybersecurity authorities, four vulnerabilities have been actively exploited in SonicWall products this year, culminating in a total of 14 exploited vulnerabilities since late 2021, eight of which have been implicated in ransomware campaigns.
The latest wave of vulnerabilities includes a trio originating from SonicWall Secure Mobile Access (SMA) 100 Appliances, as well as a critical defect in the SonicWall SonicOS. The identified vulnerabilities include CVE-2023-44221, CVE-2021-20035, CVE-2025-23006, and CVE-2024-53704. These vulnerabilities pose serious risks as they may allow malicious actors to achieve remote code execution, granting them control over affected devices.
In a troubling turn of events, SonicWall recently disclosed three additional vulnerabilities: CVE-2025-32819, CVE-2025-32820, and CVE-2025-32821, impacting the SMA 100 series. Despite SonicWall’s prompt action to release patches for these vulnerabilities, concerns persist that exploitation may have already occurred, as indicated by Ryan Emmons of Rapid7.
SonicWall, which has yet to sign the CISA’s secure-by-design pledge, announces measures to enhance security among its products, including introducing security features by default in its latest devices. However, with a significant portion of vulnerabilities stemming from outdated technology, the cybersecurity landscape illustrates the urgency for vendors in addressing potential threats before they escalate further.