Cybersecurity

New Sonicwall Sonicos Flaw Allows Hackers To Crash Firewalls

2025-11-20 0 views admin
New Sonicwall Sonicos Flaw Allows Hackers To Crash Firewalls

American cybersecurity company SonicWall urged customers today to patch a high-severity SonicOS SSLVPN security flaw that can allow attackers to crash vulnerable firewalls.

Tracked as CVE-2025-40601, this denial-of-service vulnerability is caused by a stack-based buffer overflow impacting Gen8 and Gen7 (hardware and virtual) firewalls.

"A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash," SonicWall said.

"SonicWall PSIRT is not aware of active exploitation in the wild. No reports of a PoC have been made public and malicious use of this vulnerability has not been reported to SonicWall."

However, the company added that its Gen6 firewalls, as well as the SMA 1000 and SMA 100 series SSL VPN products, are not vulnerable to attacks potentially targeting this vulnerability.

While SonicWall has yet to find any evidence that attackers are exploiting CVE-2025-40601 in the wild, the company "strongly" urged network defenders to apply the guidance shared in today's security advisory.

Admins who can't immediately deploy today's security updates are advised to disable the SonicOS SSLVPN service or to modify rules to limit access to the SonicWall firewall appliance to trusted sources.

Today, the cybersecurity firm also patched two vulnerabilities impacting its Email Security appliances (ES Appliance 5000, 5050, 7000, 7050, 9000, VMWare, and Hyper-V), enabling remote attackers to gain persistent arbitrary code execution (CVE-2025-40604) and access restricted information (CVE-2025-40605).

"SonicWall strongly advises users of the Email Security products (ES Appliance 5000, 5050, 7000, 7050, 9000, VMWare and Hyper-V) to upgrade," it noted in a separate advisory.

Earlier this month, SonicWall confirmed that a state-sponsored hacking group was behind a September security breach that exposed customers' firewall configuration backup files, roughly one month after researchers warned that threat actors had compromised over 100 SonicWall SSLVPN accounts using stolen credentials.

Source: BleepingComputer

🏷️ Tags

cybersecuritysecurityhackbreachvulnerability

More from Cybersecurity

Update: Attackers Exploit Zero-day In End-of-life D-link Routers 2026

Update: Attackers Exploit Zero-day In End-of-life D-link Routers 2026

2026-01-07 0
Critical Jspdf Flaw Lets Hackers Steal Secrets Via Generated Pdfs - Complete Guide

Critical Jspdf Flaw Lets Hackers Steal Secrets Via Generated Pdfs - Complete Guide

2026-01-07 0
Phishers Exploit Office 365 Users Who Let Their Guard Down 2026 - Analysis

Phishers Exploit Office 365 Users Who Let Their Guard Down 2026 - Analysis

2026-01-07 0
Breaking: Logitech Options+, G Hub Macos Apps Break After Certificate Expires

Breaking: Logitech Options+, G Hub Macos Apps Break After Certificate Expires

2026-01-07 0

Trending

1

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

2025-10-27 • 189 views
2

CVE-2025-43939: Dell Unity OS Command Injection (High)

2025-10-30 • 148 views
3

Google disputes false claims of massive Gmail data breach

2025-10-30 • 130 views
4

Microsoft: DNS outage impacts Azure and Microsoft 365 services

2025-10-30 • 88 views
5

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting

2025-11-25 • 81 views