SonicWall SonicOS Flaw Allows Remote Firewall Crashes

SonicWall SonicOS Flaw Allows Remote Firewall Crashes

First seen 27 Nov 2025, 20:34 UTC BleepingcomputerLinkedinCybersecuritynewsHeise.DeSocradar+6 72% similarity 23.4

Article Content

Browse articles
ThreatCluster

SonicWall has disclosed a critical vulnerability in its SonicOS SSLVPN service, tracked as CVE-2025-40601, which allows remote, unauthenticated attackers to crash Gen7 and Gen8 firewalls. The flaw, caused by a stack-based buffer overflow, poses significant risks for organizations using SonicWall for network security. SonicWall has urged customers to apply patches immediately, although there are currently no reports of active exploitation.

ThreatCluster AI

Community

Browse all →