SonicOS SSLVPN Vulnerability Let Attackers Crash the Firewall Remotely

Posted on By CWS

SonicWall has disclosed a important stack-based buffer overflow vulnerability in its SonicOS SSLVPN service. That enables distant unauthenticated attackers to crash firewalls by means of denial-of-service assaults.

The vulnerability was internally found and reported by SonicWall’s safety staff. The flaw, tracked as CVE-2025-40601, carries a CVSS rating of seven.5 and impacts a number of generations of SonicWall firewall merchandise.

FieldValueCVE IDCVE-2025-40601CWECWE-121CVSS Score7.5 (Excessive)CVSS VectorCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Understanding the Vulnerability

The vulnerability exists within the SSLVPN service part of SonicOS and stems from a stack-based buffer overflow weak spot (CWE-121).

When exploited, an attacker can ship specifically crafted requests to the susceptible SSLVPN interface with out authentication, inflicting the affected firewall to crash and interrupting companies.

SonicWall states that this vulnerability solely impacts units with the SSLVPN interface or service enabled on the firewall. Organizations that don’t use this function stay unaffected.

Presently, SonicWall PSIRT stories no energetic exploitation within the wild, and no proof-of-concept code has been publicly launched.

PlatformModelsAffected VersionsFixed VersionGen7 {Hardware} FirewallsTZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700-6700, NSsp 10700-157007.3.0-7012 and older7.3.1-7013 and higherGen7 Digital Firewalls (NSv)NSv270, NSv470, NSv870 (ESX, KVM, HYPER-V, AWS, Azure)7.3.0-7012 and older7.3.1-7013 and higherGen8 FirewallsTZ80, TZ280, TZ380, TZ480, TZ580, TZ680, NSa 2800-58008.0.2-8011 and older8.0.3-8011 and better

The vulnerability impacts each Gen7 and Gen8 SonicWall firewalls throughout {hardware} and digital platforms.

Gen7 units operating firmware variations 7.3.0-7012 and older are susceptible, whereas Gen8 firewalls with variations 8.0.2-8011 and earlier are affected. SonicWall Gen6 firewalls and SMA 1000/100 sequence SSL VPN merchandise aren’t impacted.

SonicWall strongly urges organizations to replace to the patched firmware variations instantly.

Till patches may be utilized, directors ought to limit SSLVPN entry to trusted supply IP addresses solely or disable the service from untrusted web sources by modifying current entry guidelines.

Observe us on Google Information, LinkedIn, and X for each day cybersecurity updates. Contact us to function your tales.

Cyber Security News Tags:, , , , , ,

Related Posts

New Beast Ransomware Actively Scans for Active SMB Port from Breached System to Spread Across Network Cyber Security News
Free Decryptor Released for AI-Assisted FunkSec Ransomware Cyber Security News
Cisco Nexus Dashboard Fabric Controller Vulnerability Allows Attackers Device Impersonate as Managed Devices Cyber Security News
Hackers Can Exfiltrate Windows Secrets and Credentials Silently by Evading EDR Detection Cyber Security News
COLDRIVER APT Group Uses ClickFix To Deliver a New PowerShell-Based Backdoor BAITSWITCH Cyber Security News
Threat Actors Leverage Oracle Database Scheduler to Gain Access to Corporate Environments Cyber Security News