Severity
High
Analysis Summary
SonicWall has disclosed a critical stack-based buffer overflow vulnerability in its SonicOS SSLVPN service, tracked as CVE-2025-40601, with a CVSS severity rating of High. This flaw allows remote, unauthenticated attackers to crash affected firewalls, causing a denial-of-service (DoS) condition. The vulnerability was identified internally by SonicWall’s security team and affects multiple generations of SonicWall firewall products, both hardware and virtual, though no active exploitation or public proof-of-concept has been reported.
The vulnerability exists specifically in the SSLVPN service component and stems from a stack-based buffer overflow (CWE-121). Exploitation involves sending specially crafted requests to the SSLVPN interface, which can crash the firewall and disrupt services. Devices that do not have the SSLVPN service enabled remain unaffected, limiting the scope of risk to organizations actively using this feature.
Affected platforms include Gen7 hardware and virtual firewalls (e.g., TZ270–TZ670, NSa 2700–6700, NSv270–NSv870) and Gen8 firewalls (e.g., TZ80–TZ680, NSa 2800–5800). Vulnerable firmware versions include 7.3.0-7012 and older for Gen7 devices and 8.0.2-8011 and earlier for Gen8 devices. Devices outside these versions, as well as Gen6 firewalls and SMA 1000/100 series SSLVPN products, are not impacted.
SonicWall strongly recommends that organizations update to patched firmware versions immediately—7.3.1-7013 or higher for Gen7, and 8.0.3-8011 or higher for Gen8 devices. Until updates can be applied, administrators should restrict SSLVPN access to trusted source IPs or disable the service for untrusted internet traffic by modifying access rules. Timely patching and access control measures are crucial to prevent potential disruption caused by this vulnerability.
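The version boundaries above can be turned into an inventory triage check. The following is an added example, not SonicWall tooling; the inventory entries, status names and the mapping of SonicOS major version 7 to Gen7 and 8 to Gen8 are assumptions made for illustration.

```python
import re

# (last vulnerable build, first fixed build) as stated in this advisory.
# Assumption: SonicOS major version 7 = Gen7, major version 8 = Gen8.
BOUNDS = {
    7: ((7, 3, 0, 7012), (7, 3, 1, 7013)),
    8: ((8, 0, 2, 8011), (8, 0, 3, 8011)),
}
VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)-(\d+)")

def parse_version(text):
    """Return (major, minor, patch, build), or None if no version is found."""
    m = VERSION_RE.search(text)
    return tuple(int(g) for g in m.groups()) if m else None

def assess(firmware, sslvpn_enabled):
    """Classify one firewall against CVE-2025-40601."""
    v = parse_version(firmware)
    if v is None:
        return "unparsed"              # needs manual review
    if v[0] not in BOUNDS:
        return "out-of-scope"          # not a Gen7/Gen8 SonicOS build
    last_vulnerable, first_fixed = BOUNDS[v[0]]
    if v >= first_fixed:
        return "patched"
    if v > last_vulnerable:
        return "verify"                # between the two builds the advisory names
    # Vulnerable firmware is only reachable when the SSLVPN service is enabled.
    return "exposed" if sslvpn_enabled else "unexposed-unpatched"

def triage(inventory):
    """Map each device name to its status."""
    return {name: assess(fw, vpn) for name, fw, vpn in inventory}

# Constructed sample inventory: (device name, reported firmware, SSLVPN enabled).
SAMPLE_INVENTORY = [
    ("fw-branch-01", "SonicOS 7.3.0-7012", True),
    ("fw-branch-02", "7.0.1-5000", True),
    ("fw-hq-01", "7.3.1-7013", True),
    ("fw-lab-01", "8.0.2-8011", False),
    ("fw-dc-01", "SonicOS 8.0.3-8011", True),
    ("fw-legacy-01", "6.5.0-1000", True),
    ("fw-unknown-01", "n/a", True),
]

if __name__ == "__main__":
    for device, status in triage(SAMPLE_INVENTORY).items():
        print(f"{device:15} {status}")
```

Devices reported as `exposed` are the ones to patch or restrict first; `unexposed-unpatched` devices still need the firmware update before SSLVPN is ever enabled on them.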
Impact
- Buffer Overflow
- Gain Access
Indicators of Compromise
CVE
CVE-2025-40601
Affected Vendors
SonicWall
Remediation
- Immediately upgrade affected SonicWall firewalls to the fixed versions: Gen7: 7.3.1-7013 or higher, Gen8: 8.0.3-8011 or higher
- Limit SSLVPN access to trusted source IP addresses only
- If SSLVPN is not required, disable the service to eliminate exposure
- Ensure firewall access rules block SSLVPN traffic from untrusted networks
- Actively monitor SSLVPN and firewall logs for abnormal or repeated connection attempts
- Isolate SSLVPN-facing devices to minimize impact in case of exploitation
- Maintain current firewall configurations and backups before applying patches
- Inform users about potential service interruptions due to the vulnerability or patching
- Implement a process for regularly checking and applying critical security updates
- Have an incident response plan ready in case of DoS attacks or exploitation attempts

