SonicOS SSLVPN Vulnerability Let Attackers Crash the Firewall Remotely

SonicOS SSLVPN Vulnerability Let Attackers Crash the Firewall Remotely

Posted on By CWS

SonicWall has disclosed a important stack-based buffer overflow vulnerability in its SonicOS SSLVPN service. That enables distant unauthenticated attackers to crash firewalls by means of denial-of-service assaults.

The vulnerability was internally found and reported by SonicWall’s safety staff. The flaw, tracked as CVE-2025-40601, carries a CVSS rating of seven.5 and impacts a number of generations of SonicWall firewall merchandise.

FieldValueCVE IDCVE-2025-40601CWECWE-121CVSS Score7.5 (Excessive)CVSS VectorCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Understanding the Vulnerability

The vulnerability exists within the SSLVPN service part of SonicOS and stems from a stack-based buffer overflow weak spot (CWE-121).

When exploited, an attacker can ship specifically crafted requests to the susceptible SSLVPN interface with out authentication, inflicting the affected firewall to crash and interrupting companies.

SonicWall states that this vulnerability solely impacts units with the SSLVPN interface or service enabled on the firewall. Organizations that don’t use this function stay unaffected.

Presently, SonicWall PSIRT stories no energetic exploitation within the wild, and no proof-of-concept code has been publicly launched.

PlatformModelsAffected VersionsFixed VersionGen7 {Hardware} FirewallsTZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700-6700, NSsp 10700-157007.3.0-7012 and older7.3.1-7013 and higherGen7 Digital Firewalls (NSv)NSv270, NSv470, NSv870 (ESX, KVM, HYPER-V, AWS, Azure)7.3.0-7012 and older7.3.1-7013 and higherGen8 FirewallsTZ80, TZ280, TZ380, TZ480, TZ580, TZ680, NSa 2800-58008.0.2-8011 and older8.0.3-8011 and better

The vulnerability impacts each Gen7 and Gen8 SonicWall firewalls throughout {hardware} and digital platforms.

Gen7 units operating firmware variations 7.3.0-7012 and older are susceptible, whereas Gen8 firewalls with variations 8.0.2-8011 and earlier are affected. SonicWall Gen6 firewalls and SMA 1000/100 sequence SSL VPN merchandise aren’t impacted.

SonicWall strongly urges organizations to replace to the patched firmware variations instantly.

Till patches may be utilized, directors ought to limit SSLVPN entry to trusted supply IP addresses solely or disable the service from untrusted web sources by modifying current entry guidelines.

Observe us on Google Information, LinkedIn, and X for each day cybersecurity updates. Contact us to function your tales.

Cyber Security News Tags:, , , , , ,

Related Posts

Microsoft’s Plan to Phase Out NTLM for Enhanced Security Microsoft’s Plan to Phase Out NTLM for Enhanced Security Cyber Security News
Top 10 Best Ransomware Protection Solutions In 2025 Top 10 Best Ransomware Protection Solutions In 2025 Cyber Security News
Critical Litecoin Flaw Triggers Network Disruption Critical Litecoin Flaw Triggers Network Disruption Cyber Security News
Countering Spear Phishing with Advanced Email Security Solutions Countering Spear Phishing with Advanced Email Security Solutions Cyber Security News
Chinese Front Companies Providing Advanced Steganography Solutions for APT Operations Chinese Front Companies Providing Advanced Steganography Solutions for APT Operations Cyber Security News
Exposed Open Directory Leaks BYOB Framework Across Windows, Linux, and macOS Exposed Open Directory Leaks BYOB Framework Across Windows, Linux, and macOS Cyber Security News