{"id":143,"date":"2025-01-25T20:46:31","date_gmt":"2025-01-25T20:46:31","guid":{"rendered":"https:\/\/aldomonges.com\/aldomonges\/?p=143"},"modified":"2025-01-25T20:46:31","modified_gmt":"2025-01-25T20:46:31","slug":"vulnerabilidad-critica-en-productos-sonicwall","status":"publish","type":"post","link":"https:\/\/aldomonges.com\/aldomonges\/?p=143","title":{"rendered":"Vulnerabilidad cr\u00edtica en productos SonicWall"},"content":{"rendered":"<p>Se ha detectado una vulnerabilidad cr\u00edtica en los dispositivos SonicWall Secure Mobile Access <strong>(<\/strong><strong><em>SMA<\/em><\/strong><strong>)<\/strong> <strong>1000<\/strong>, que podr\u00eda permitir a un actor malicioso tomar el control completo de estos equipos y la ejecuci\u00f3n de comandos arbitrarios.<\/p>\n<p><strong>Producto afectado<\/strong><\/p>\n<ul class=\"wp-block-list\">\n<li>SonicWall SMA1000 Appliance Management Console (AMC) y Central Management Console (CMC) versi\u00f3n 12.4.3-02804 y versiones anteriores para plataformas Linux<\/li>\n<\/ul>\n<p><strong>Impacto<\/strong><\/p>\n<p>La vulnerabilidad se identifica como CVE-2025-23006 con una puntuaci\u00f3n de 9.8 en la escala CVSSv3, de severidad cr\u00edtica. La vulnerabilidad de deserializaci\u00f3n de datos no confiables previa a la autenticaci\u00f3n en la consola de administraci\u00f3n de dispositivos <strong>SMA 1000<\/strong> <strong>(AMC)<\/strong> y la consola de administraci\u00f3n central <strong>(CMC)<\/strong> podr\u00eda permitir, en condiciones espec\u00edficas, a un actor malicioso ejecutar comandos arbitrarios <strong>(RCE)<\/strong> del Sistema Operativo <strong>(SO)<\/strong> de forma remota y sin autenticarse.<\/p>\n<p><strong>Recomendaci\u00f3n<\/strong><\/p>\n<p>Actualizar a la \u00faltima versi\u00f3n disponible, desde el sitio web oficial del fabricante.<\/p>\n<p><strong>Referencias<\/strong><\/p>\n<p>https:\/\/psirt.global.sonicwall.com\/vuln-detail\/SNWLID-2025-0002<\/p>\n<p>https:\/\/www.cve.org\/CVERecord?id=CVE-2025-23006<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Se ha detectado una vulnerabilidad cr\u00edtica en los dispositivos SonicWall Secure Mobile Access (SMA) 1000, que podr\u00eda permitir a un actor malicioso tomar el control [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[14],"class_list":["post-143","post","type-post","status-publish","format-standard","hentry","category-seguridad-informatica","tag-https-encrypted-tbn0-gstatic-com-imagesqtbnand9gcsth5gqklkjysmwh9bkchfdkxnnjnqkq-hzbqs"],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/aldomonges.com\/aldomonges\/index.php?rest_route=\/wp\/v2\/posts\/143","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/aldomonges.com\/aldomonges\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aldomonges.com\/aldomonges\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aldomonges.com\/aldomonges\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/aldomonges.com\/aldomonges\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=143"}],"version-history":[{"count":1,"href":"https:\/\/aldomonges.com\/aldomonges\/index.php?rest_route=\/wp\/v2\/posts\/143\/revisions"}],"predecessor-version":[{"id":144,"href":"https:\/\/aldomonges.com\/aldomonges\/index.php?rest_route=\/wp\/v2\/posts\/143\/revisions\/144"}],"wp:attachment":[{"href":"https:\/\/aldomonges.com\/aldomonges\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=143"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aldomonges.com\/aldomonges\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=143"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/aldomonges.com\/aldomonges\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=143"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}