Code Execution Vulnerability in SonicWall Email Security Appliance
CVE-2025-40604

Currently unrated

Key Information:

Vendor

Sonicwall
Status
Email Security
Vendor
CVE Published:
20 November 2025

What is CVE-2025-40604?

The vulnerability involves an insecure process within the SonicWall Email Security appliance that allows the download of root filesystem images without verifying signatures. This flaw provides attackers with access to VMDK or datastore files, enabling them to modify system files. Consequently, an attacker can effectuate persistent arbitrary code execution, potentially compromising the integrity and security of the affected systems.

Affected Version(s)

Email Security Linux 10.0.33.8195 and earlier versions

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-202...
vendor-advisory

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Brian Mariani of DigitalCanion SA - www.digitalcanion.com
JSON
.
CVE-2025-40604 : Code Execution Vulnerability in SonicWall Email Security Appliance