- Description
- A Download of Code Without Integrity Check vulnerability in the SonicWall Email Security appliance: the appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore access to modify system files and gain persistent arbitrary code execution.
- Source
- PSIRT@sonicwall.com
- NVD status
- Analyzed
- Products
- email_security_appliance_5000_firmware, email_security_appliance_5050_firmware, email_security_appliance_7000_firmware, email_security_appliance_7050_firmware, email_security_appliance_9000_firmware
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- PSIRT@sonicwall.com
- CWE-494
- Hype score
- Not currently trending
#VulnerabilityReport #CodeIntegrityBypass SonicWall Patches Two Vulnerabilities in Email Security Appliances, Including Code Execution Flaw (CVE-2025-40604) https://t.co/txRo4BTKre
@Komodosec
29 Dec 2025
SECURITY ALERT: CVE-2025-40604 Exploit Fix & Mitigation Guide Read more: https://t.co/gLaHosUUk6 #Cybersecurity #CVE https://t.co/DbB8fXSynJ
@SecReportCVE
19 Dec 2025
SonicWall patched a critical flaw (CVE-2025-40604) in its Email Security appliances. The bug allows persistent RCE by exploiting a lack of integrity checks when loading the root filesystem image from the VM datastore. #SonicWall #RCE #Cybersecurity https://t.co/F8EgnVZZZr
@the_yellow_fall
23 Nov 2025
🚨CVE-2025-40604 and CVE-2025-40605: Download of Code Without Integrity Check Vulnerability // Path Traversal Vulnerability CVSS: 7.2 & 4.9 Advisory: https://t.co/pFHx8VX7wT Affected Product(s): Email Security (ES Appliance 5000, 5050, 7000, 7050, 9000, VMWare and Hyper-
@DarkWebInformer
20 Nov 2025
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:email_security_appliance_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A1B8BFC-9721-491D-B803-1571D0702596",
"versionEndIncluding": "10.0.33.8195",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:email_security_appliance_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9126B7-5C64-4692-954C-6EF71261862C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:email_security_appliance_5050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E47DFE3-0731-4E63-99B4-14EBE778BB92",
"versionEndIncluding": "10.0.33.8195",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:email_security_appliance_5050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "271F06DD-8DAA-46EF-A803-659EA253CC63",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:email_security_appliance_7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24C2A297-95A8-48ED-BACC-81E8B7E85681",
"versionEndIncluding": "10.0.33.8195",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:email_security_appliance_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A114E829-5FC6-4321-8D28-C63EC09F9099",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:email_security_appliance_7050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5CD71CC1-27B3-4782-85A7-6D6F17C20A5E",
"versionEndIncluding": "10.0.33.8195",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:email_security_appliance_7050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "443B635B-6B08-479B-A635-26724B192BF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:email_security_appliance_9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C95DDA2E-E2DC-4F98-9901-0A10E7D0A168",
"versionEndIncluding": "10.0.33.8195",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:email_security_appliance_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2434930-79AB-4AA9-AAC8-B116F3CD5CC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
]