Vulnerability Key Information Risk Level: 4.5 Overview: - Advisory ID: SNWLID-2025-0017 - Initial Release: 2025-10-30 - Last Updated: 2025-10-30 - Workaround: false - Status: Affected - CVE: CVE-2025-40603 - CWE: CWE-532 - CVSS v3: 4.5 - CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N Summary: - Log files on SonicWall SMA100 series devices may potentially expose sensitive information, allowing a remote authenticated administrator to view partial user credential data under specific conditions. - SonicWall strongly recommends users of SMA 100 series products (SMA 210, 410, and 500v) to upgrade to the specified fixed versions to remediate this vulnerability. - SonicWall PSIRT has not observed any in-the-wild exploitation of this vulnerability. SonicWall has not received any proof-of-concept reports or malicious exploitation reports related to this vulnerability. Affected Products: CPE: Workarounds: - None Fixes: Notes: Acknowledgments: - Niels Schuler from Data-Sec GmbH Revision History: - Version: 1.0 - Date: 2025-10-30 - Description: Initial release References: