- SonicWall Patches SSLVPN CVE-2025-40601, Allowing Unauthenticated DoS Attacks on Gen7/Gen8 Firewalls
- No exploitation observed for the moment; users are advised to disable SSLVPN or restrict access if updates are delayed
- Two vulnerabilities in the Email Security appliance (CVE-2025-40604/40605) were also fixed, preventing code execution and data access.
SonicWall has released a patch for a high severity vulnerability in its SonicOS SSLVPN service and urged all users to update their firewall immediately.
In a security advisory, the company said it discovered a stack-based buffer overflow vulnerability in the SonicOS SSLVPN service, which allows an unauthenticated, remote attacker to cause a denial of service (DoS) and essentially crash the firewall.
The vulnerability is now tracked as CVE-2025-40601 and has received a severity score of 7.5/10 (high). This impacts Gen8 and Gen7 firewalls, both hardware and virtual. Earlier models, such as Gen6 firewalls or the SMA 1000 and SMA 100 series SSL VPN products, were supposedly immune to this bug.
SonicWall also noted that the bug only affects the SSLVPN interface or service if it is enabled on the firewall.
No proof or PoC
There is no indication that this vulnerability is being exploited in the wild, but cybercriminals often wait until a bug is made public before striking.
Finding zero-day vulnerabilities is difficult and many companies fail to patch their technologies in time, leaving the door wide open to attackers. Until now, there has been no proof of concept (PoC) on the Internet.
If you are unable to update your firewall at the moment, you should disable the SonicOS SSLVPN service or update the rules to limit access to SonicWall firewall applications to trusted sources only, as firewalls are one of the most popular targets among cybercriminals.
At the same time, SonicWall also fixed two vulnerabilities in its Email Security appliances (ES Appliance 5000, 5050, 7000, 7050, 9000, VMWare and Hyper-V), identified as CVE-2025-40604 and CVE-2025-40605. These allow malicious actors to gain persistent arbitrary code execution capabilities, as well as access restricted information.
For this patch, SonicWall also “strongly advised” users to install the patch without hesitation.
Via BeepComputer
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
