A high-severity flaw was found in SonicWall OS SSLVPN
- SonicWall patches SSLVPN flaw CVE-2025-40601, which enables unauthenticated DoS attacks on Gen7/Gen8 firewalls
- No exploitation seen yet; users urged to disable SSLVPN or restrict access if updates delayed
- Two Email Security appliance flaws (CVE-2025-40604/40605) also fixed, preventing code execution and data access
SonicWall has released a patch for a high-severity vulnerability in its SonicOS SSLVPN service, and urged all users to update their firewalls immediately.
In a security advisory, the company said it discovered a stack-based buffer overflow vulnerability in the SonicOS SSLVPN service, which allows a remote, unauthenticated attacker to cause Denial of Service (DoS) and essentially crash the firewall.
The vulnerability is now tracked as CVE-2025-40601 and was given a severity score of 7.5/10 (high). It impacts Gen8 and Gen7 firewalls, both hardware and virtual ones. Earlier models, such as Gen6 firewalls, or the SMA 1000 and SMA 100 series SSL VPN products, were said to be safe against this bug.
SonicWall also noted that the bug only impacts the SSLVPN interface or service, and only if it is enabled on the firewall.
No evidence or PoC
There is no evidence that this vulnerability is being exploited in the wild, but cybercriminals often wait for a bug to be publicized first, before striking.
Hunting for zero-day flaws is hard, and many companies do not patch their technologies on time, leaving the front doors wide open for attackers. So far, there has been no Proof-of-Concept (PoC) on the internet.
If you are unable to update your firewall at this moment, you should disable the SonicOS SSLVPN service or update the rules to limit access to the SonicWall firewall applications to trusted sources only, since firewalls are one of the most popular targets among cybercriminals.
At the same time, SonicWall also fixed two vulnerabilities in its Email Security appliances (ES Appliance 5000, 5050, 7000, 7050, 9000, VMware, and Hyper-V), tracked as CVE-2025-40604 and CVE-2025-40605. These allow threat actors to gain persistent arbitrary code execution capabilities, as well as access to restricted information.
SonicWall also “strongly advised” users to install this patch without hesitation.
Via BleepingComputer
Sead Fadilpašić
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.