The vulnerability, tracked as CVE-2025-32818, received a high severity CVSS score of 7.5 and affects numerous SonicWall firewall models running specific firmware versions.
Security researchers identified a NULL Pointer Dereference vulnerability in the SonicOS SSLVPN Virtual Office interface.
This flaw allows an attacker to remotely trigger a firewall crash without requiring any authentication, leading to a Denial-of-Service (DoS) condition that could disrupt critical network services.
“When exploited, this vulnerability forces the device to reference a NULL pointer, causing the firewall to crash and restart,” explained Jon Williams of Bishop Fox, who is credited with discovering the vulnerability.
“Since the attack requires no authentication, it presents a significant risk to internet-facing SonicWall devices.”
The advisory classifies the vulnerability under CWE-476, which covers NULL Pointer Dereference issues.
The CVSS vector CVSS:3.0 indicates the vulnerability is network-accessible, requires low complexity to exploit, needs no privileges or user interaction, and primarily impacts system availability.
| Risk Factors | Details |
| Affected Products | – Gen7 NSv (NSv 270/470/870)- Gen7 Firewalls (TZ270/TZ370/TZ470/TZ570/TZ670 series, NSa 2700/3700/4700/5700/6700, NSsp 10700/11700/13700/15700)- TZ80 (firmware ≤8.0.0-8037) |
| Impact | Denial-of-Service (DoS) via firewall crash |
| Exploit Prerequisites | – Network access to vulnerable SSLVPN interface- No authentication required |
| CVSS 3.1 Score | 7.5 (High) |
The vulnerability impacts explicitly SonicWall Gen7 NSv models (NSv 270, NSv 470, NSv 870) and Gen7 Firewalls including TZ series (TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670), NSa series (NSa 2700, NSa 3700, NSa 4700, NSa 5700, NSa 6700), and NSsp series (NSsp 10700, NSsp 11700, NSsp 13700, NSsp 15700) running firmware versions 7.1.1-7040 to 7.1.3-7015.
Additionally, the TZ80 model running firmware version 8.0.0-8037 and earlier is affected. Notably, SonicOS GEN6 and GEN7 7.0. x firmware versions are not vulnerable to this exploit.
SonicWall has released fixed versions to address this vulnerability. Affected customers are strongly advised to upgrade to firmware version 7.2.0-7015 or higher for Gen7 devices, or 8.0.1-8017 or higher for TZ80 models.
The company noted in its security advisory that no workaround is available, making firmware updates the only effective mitigation against this vulnerability.
Security experts recommend that organizations with affected devices implement these patches immediately, especially for internet-facing firewalls.
Organizations should also monitor their devices for signs of exploitation, such as unexpected reboots or service disruptions.
Malware Trends Report Based on 15000 SOC Teams Incidents, Q1 2025 out!-> Get Your Free Copy
The post SonicWall SSLVPN Vulnerability Let Remote Attackers Crash Firewall Appliances appeared first on Cyber Security News.
Nintendo of America is suing the US government over President Trump's tariffs and is demanding…
Whether you’re looking to cosplay as Spider-Man or want to have arguably the best Venom…
The Bear star Jeremy Allen White is making the jump to the Star Wars galaxy…
A new cybercriminal campaign, linked to the notorious Funnull group, has targeted both Content Delivery…
Microsoft is actively investigating a service disruption affecting multiple Microsoft 365 products for users in…
With the premiere of Star Wars: Maul - Shadow Lord just weeks away, we're starting…
This website uses cookies.