- SonicWall Patches SSLVPN Vulnerability CVE-2025-40601 Enables Unauthorized DoS Attacks on Gen7/Gen8 Firewalls
- No exploit seen yet; users are encouraged to disable SSLVPN or restrict access if updates are delayed
- Also fixed are two flaws in the Email Security Appliance (CVE-2025-40604/40605) that could allow code execution and access to limited data
SonicWall has released a patch for a serious vulnerability in its SonicOS SSLVPN service and urged all users to update their firewalls immediately.
In a security advisory, the company said it discovered a stack-based buffer overflow vulnerability in the SonicOS SSLVPN service that allows a remote, unauthorized attacker to cause a Denial of Service (DoS) and essentially crash the firewall.
The vulnerability is now tracked as CVE-2025-40601 and received a severity score of 7.5/10 (high). It affects Gen8 and Gen7 firewalls, both hardware and virtual. Earlier models, such as Gen6 firewalls or the SMA 1000 and SMA 100 series SSL VPN products, are said to be safe from this flaw.
SonicWall also noted that the flaw only affects the SSLVPN interface or service if it is enabled on the firewall.
No evidence or PoC
There is no evidence that this vulnerability is being exploited in the wild, but cybercriminals often wait for a bug to be published first before striking.
Chasing zero-day bugs is difficult, and many companies don’t patch their technologies on time, leaving the front doors wide open for attackers. So far, there has been no Proof-of-Concept (PoC) on the Internet.
If you are unable to update your firewall at this time, you should disable the SonicOS SSLVPN service, or update your firewall rules so that access to the SSLVPN interface is restricted to trusted source addresses only, as firewalls are one of the most popular targets of cybercriminals.
At the same time, SonicWall also patched two vulnerabilities in its email security appliances (ES Appliance 5000, 5050, 7000, 7050, 9000, VMware and Hyper-V), tracked as CVE-2025-40604 and CVE-2025-40605. These allow threat actors to gain persistent arbitrary code execution as well as access to limited information.
Here too, SonicWall “strongly” advised users to install the patch without delay.
Via Bleeping Computer