Code Execution Vulnerability in SonicWall Email Security Appliance
CVE-2025-40604

6.5MEDIUM

Key Information:

Vendor: Sonicwall
Status: Email Security
Vendor: CVE Published:; 20 November 2025

What is CVE-2025-40604?

The vulnerability involves an insecure process within the SonicWall Email Security appliance that allows the download of root filesystem images without verifying signatures. This flaw provides attackers with access to VMDK or datastore files, enabling them to modify system files. Consequently, an attacker can effectuate persistent arbitrary code execution, potentially compromising the integrity and security of the affected systems.

Affected Version(s)

Email Security Linux 10.0.33.8195 and earlier versions

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-202...

vendor-advisory

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 20, 2025
Vulnerability Reserved
Apr 16, 2025

Credit

Brian Mariani of DigitalCanion SA - www.digitalcanion.com

JSON