The vulnerability was internally discovered and reported by SonicWall’s security team. The flaw, tracked as CVE-2025-40601, carries a CVSS score of 7.5 and affects multiple generations of SonicWall firewall products.
| Field | Value |
|---|---|
| CVE ID | CVE-2025-40601 |
| CWE | CWE-121 |
| CVSS Score | 7.5 (High) |
| CVSS Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
The vulnerability exists in the SSLVPN service component of SonicOS and stems from a stack-based buffer overflow weakness (CWE-121).
When exploited, an attacker can send specially crafted requests to the vulnerable SSLVPN interface without authentication, causing the affected firewall to crash and interrupting services.
SonicWall states that this vulnerability only impacts devices with the SSLVPN interface or service enabled on the firewall. Organizations that do not use this feature remain unaffected.
Currently, SonicWall PSIRT reports no active exploitation in the wild, and no proof-of-concept code has been publicly released.
| Platform | Models | Affected Versions | Fixed Version |
|---|---|---|---|
| Gen7 Hardware Firewalls | TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700-6700, NSsp 10700-15700 | 7.3.0-7012 and older | 7.3.1-7013 and higher |
| Gen7 Virtual Firewalls (NSv) | NSv270, NSv470, NSv870 (ESX, KVM, HYPER-V, AWS, Azure) | 7.3.0-7012 and older | 7.3.1-7013 and higher |
| Gen8 Firewalls | TZ80, TZ280, TZ380, TZ480, TZ580, TZ680, NSa 2800-5800 | 8.0.2-8011 and older | 8.0.3-8011 and higher |
The vulnerability impacts both Gen7 and Gen8 SonicWall firewalls across hardware and virtual platforms.
Gen7 devices running firmware versions 7.3.0-7012 and older are vulnerable, while Gen8 firewalls with versions 8.0.2-8011 and earlier are affected. SonicWall Gen6 firewalls and SMA 1000/100 series SSL VPN products are not impacted.
SonicWall strongly urges organizations to update to the patched firmware versions immediately.
Until patches can be applied, administrators should restrict SSLVPN access to trusted source IP addresses only or disable the service from untrusted internet sources by modifying existing access rules.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
The post SonicOS SSLVPN Vulnerability Let Attackers Crash the Firewall Remotely appeared first on Cyber Security News.
The company behind MrBeast, the world's biggest YouTube channel, has denied claims of sexual harassment…
Stranger Things: Tales From '85 and McDonald's are teaming up for a Happy Meal that…
Kellogg's is bringing back toys in its cereal boxes for the first time in over…
It’s an exciting time for DC fans, because we finally have our first proper look…
Nintendo has confirmed the UK preorder bonuses for Yoshi and the Mysterious Book, exclusive to…
AMHERST — A suspect arrested in connection with the killing of a woman inside the…
This website uses cookies.