Bleepingcomputer
SonicWall SonicOS Flaw Allows Remote Firewall Crashes
First seen 27 Nov 2025, 20:34 UTC
•



+6
•72% similarity
•23.4
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
SonicWall has disclosed a critical vulnerability in its SonicOS SSLVPN service, tracked as CVE-2025-40601, which allows remote, unauthenticated attackers to crash Gen7 and Gen8 firewalls. The flaw, caused by a stack-based buffer overflow, poses significant risks for organizations using SonicWall for network security. SonicWall has urged customers to apply patches immediately, although there are currently no reports of active exploitation.
ThreatCluster AI