SonicOS SSLVPN Vulnerability Let Attackers Crash the Firewall Remotely

SonicOS SSLVPN Vulnerability Let Attackers Crash the Firewall Remotely

Posted on By CWS

SonicWall has disclosed a important stack-based buffer overflow vulnerability in its SonicOS SSLVPN service. That enables distant unauthenticated attackers to crash firewalls by means of denial-of-service assaults.

The vulnerability was internally found and reported by SonicWall’s safety staff. The flaw, tracked as CVE-2025-40601, carries a CVSS rating of seven.5 and impacts a number of generations of SonicWall firewall merchandise.

FieldValueCVE IDCVE-2025-40601CWECWE-121CVSS Score7.5 (Excessive)CVSS VectorCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Understanding the Vulnerability

The vulnerability exists within the SSLVPN service part of SonicOS and stems from a stack-based buffer overflow weak spot (CWE-121).

When exploited, an attacker can ship specifically crafted requests to the susceptible SSLVPN interface with out authentication, inflicting the affected firewall to crash and interrupting companies.

SonicWall states that this vulnerability solely impacts units with the SSLVPN interface or service enabled on the firewall. Organizations that don’t use this function stay unaffected.

Presently, SonicWall PSIRT stories no energetic exploitation within the wild, and no proof-of-concept code has been publicly launched.

PlatformModelsAffected VersionsFixed VersionGen7 {Hardware} FirewallsTZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700-6700, NSsp 10700-157007.3.0-7012 and older7.3.1-7013 and higherGen7 Digital Firewalls (NSv)NSv270, NSv470, NSv870 (ESX, KVM, HYPER-V, AWS, Azure)7.3.0-7012 and older7.3.1-7013 and higherGen8 FirewallsTZ80, TZ280, TZ380, TZ480, TZ580, TZ680, NSa 2800-58008.0.2-8011 and older8.0.3-8011 and better

The vulnerability impacts each Gen7 and Gen8 SonicWall firewalls throughout {hardware} and digital platforms.

Gen7 units operating firmware variations 7.3.0-7012 and older are susceptible, whereas Gen8 firewalls with variations 8.0.2-8011 and earlier are affected. SonicWall Gen6 firewalls and SMA 1000/100 sequence SSL VPN merchandise aren’t impacted.

SonicWall strongly urges organizations to replace to the patched firmware variations instantly.

Till patches may be utilized, directors ought to limit SSLVPN entry to trusted supply IP addresses solely or disable the service from untrusted web sources by modifying current entry guidelines.

Observe us on Google Information, LinkedIn, and X for each day cybersecurity updates. Contact us to function your tales.

Cyber Security News Tags:, , , , , ,

Related Posts

MediaTek Chip Flaw Exposes Android PINs in Seconds MediaTek Chip Flaw Exposes Android PINs in Seconds Cyber Security News
CodeSign Secure v3.02: Future of Code Signing with PQC CodeSign Secure v3.02: Future of Code Signing with PQC Cyber Security News
Wing FTP Server Vulnerability Actively Exploited Wing FTP Server Vulnerability Actively Exploited Cyber Security News
Microsoft 365 Exchange Online Outage Blocks Email on Outlook Mobile App Microsoft 365 Exchange Online Outage Blocks Email on Outlook Mobile App Cyber Security News
New Python RAT Mimic as Legitimate Minecraft App Steals Sensitive Data from Users Computer New Python RAT Mimic as Legitimate Minecraft App Steals Sensitive Data from Users Computer Cyber Security News
Threat Actors Leverage Google Search Ads for ‘Mac Cleaner’ to Direct Users to Malicious Websites Threat Actors Leverage Google Search Ads for ‘Mac Cleaner’ to Direct Users to Malicious Websites Cyber Security News