CVE-2025-40604 – SonicWall Email Security Persistent Arbitrary Code Execution

CVE ID : CVE-2025-40604

Published : Nov. 20, 2025, 12:17 p.m. | 56 minutes ago

Description : Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore access to modify system files and gain persistent arbitrary code execution.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…