SonicWall Email Security Download of Code Without Integrity Check Vulnerability

Vulnerability

A vulnerability allowing the download of code without integrity verification has been identified in the SonicWall Email Security appliance. It affects versions through 10.0.33.8195 on the ES Appliance 5000, 5050, 7000, 7050 and 9000, as well as VMware and Hyper-V deployments. The appliance loads root filesystem images without verifying their signatures, so attackers with access to VMDK files or the datastore can modify system files, leading to persistent arbitrary code execution.

Impact

Exploitation of this vulnerability allows for persistent arbitrary code execution on the affected system.

Remediation

Users are advised to upgrade to SonicWall Email Security versions 10.0.34.8215, 10.0.34.8223 or higher. Instructions for upgrading can be found in the SonicWall PSIRT advisory SNWLID-2025-0018.

Added: Nov 20, 2025, 3:32 PM
Updated: Nov 20, 2025, 7:24 PM

Vulnerability Rating

Custom Algorithm

spread: 3.4
impact: 7.5
exploitability: 5.0
remediation: 7.7
relevance: 1.1
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.