SonicWall Warns of New SonicOS SSLVPN Pre-Auth Buffer Overflow Vulnerability (CVE-2025-40601)
Do Son 
SonicWall has issued a security advisory for a newly identified pre-authentication stack-based buffer overflow vulnerability in its SonicOS SSLVPN service. Tracked as CVE-2025-40601 and assigned a CVSS score of 7.5, the flaw could allow remote, unauthenticated attackers to crash affected firewalls, potentially disrupting business-critical network access.
According to the advisory, “A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash.”
The company stresses that only devices with the SSLVPN interface or service enabled are exposed.
The vulnerability affects multiple generations of SonicWall hardware and virtual firewalls. SonicWall has released fixed versions for all affected platforms.
| Affected Platform(s) | Affected Version(s) |
| Gen7 hardware Firewalls – TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W,
TZ570P, TZ670, NSa 2700, NSa 3700,NSa 4700, NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, NSsp 13700, NSsp 15700 Gen7 virtual Firewalls (NSv) – NSV270, NSv470, NSv870 (ESX, KVM, HYPER-V, AWS, Azure) |
7.3.0-7012 and older versions
(7.0.1 branch is not affected) |
| Gen8 Firewalls – TZ80, TZ280, TZ380, TZ480, TZ580, TZ680, NSa 2800, NSa 3800, NSa 4800, NSa 5800 | 8.0.2-8011 and older versions |
Until patches can be deployed, SonicWall provides a straightforward temporary mitigation: “Limit SonicOS SSLVPN access to trusted sources (and/or disable firewall SSLVPN service from untrusted internet sources) by modifying the existing SonicOS SSLVPN access rules.”
SonicWall includes referenced guides on how to restrict VPN access by user, service, destination, and WAN source IP addresses.
Related Posts:
- Akira Ransomware Exploits SonicWall SSLVPN Flaw (CVE-2024-40766)
- CVE-2023-0656: unauthenticated Denial of Service vulnerability in SONICOS
- Multi Vulnerabilities Found in SonicWall SMA 100 Series Prompt Urgent Security Update
- SonicWall Firewalls Under Attack: CVE-2024-53704 Exploited in the Wild, PoC Released
- High-Severity SonicWall SSLVPN Vulnerability Allows Firewall Crashing
Support Our Threat Intelligence
If you find our CVE report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
