July 24, 2025
Severity
High
Analysis Summary
CVE-2025-40597 CVSS:7.3
SonicWall SMA 100 Series is vulnerable to a heap-based buffer overflow in the web interface. A remote attacker could exploit this vulnerability to overflow a buffer and execute arbitrary code on the system or cause a denial of service.
CVE-2025-40598 CVSS:6.3
SonicWall SMA 100 Series is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the web interface. A remote attacker could exploit this vulnerability to execute script in a victim's web browser within the security context of the hosting website. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CVE-2025-40596 CVSS:7.3
SonicWall SMA 100 Series is vulnerable to a stack-based buffer overflow in the web interface. A remote attacker could exploit this vulnerability to overflow a buffer and execute arbitrary code on the system or cause a denial of service.
CVE-2025-40599 CVSS:9.1
SonicWall SMA 100 Series could allow a remote authenticated attacker to upload arbitrary files, caused by an error in the web management interface. An attacker could exploit this vulnerability to upload a malicious file, which could allow the attacker to execute arbitrary code on the vulnerable system.
Impact
- Denial of Service
- Buffer Overflow
- Code Execution
- Cross-Site Scripting
Indicators of Compromise
CVE
CVE-2025-40597
CVE-2025-40598
CVE-2025-40596
CVE-2025-40599
Affected Vendors
- SonicWall
Affected Products
- SonicWall SMA 100 Series 10.2.1.15-81sv
Remediation
Refer to the SonicWall website for patch, upgrade, or suggested workaround information.