SonicWall tells customers to patch SonicOS flaw allowing hackers to crash firewalls

2025-11-21 15:54

A high-severity flaw was found in SonicWall OS SSLVPN which can be used to trigger DoS.

By Sead Fadilpašić, published 21 November 2025


(Image credit: Pixabay)
  • SonicWall patches SSLVPN flaw CVE-2025-40601, enabling unauthenticated DoS attacks on Gen7/Gen8 firewalls
  • No exploitation seen yet; users urged to disable SSLVPN or restrict access if updates delayed
  • Two Email Security appliance flaws (CVE-2025-40604/40605) also fixed, preventing code execution and data access

SonicWall has released a patch for a high-severity vulnerability in its SonicOS SSLVPN service, and urged all users to update their firewalls immediately.

In a security advisory, the company said it discovered a stack-based buffer overflow vulnerability in the SonicOS SSLVPN service, which allows a remote, unauthenticated attacker to cause Denial of Service (DoS) and essentially crash the firewall.


The vulnerability is tracked as CVE-2025-40601 and was given a severity score of 7.5/10 (high). It impacts Gen7 and Gen8 firewalls, both hardware and virtual. Gen6 firewalls and the SMA 1000 and SMA 100 series SSL VPN products were said not to be affected by this bug.


SonicWall also noted that the bug affects only the SSLVPN interface or service, and only if it is enabled on the firewall.

No evidence or PoC

There is no evidence that this vulnerability is being exploited in the wild, but cybercriminals often wait for a bug to be publicized first, before striking.

Hunting for zero-day flaws is hard, and many companies do not patch their technologies on time, leaving the front doors wide open for attackers. So far, there has been no Proof-of-Concept (PoC) on the internet.

If you are unable to update your firewall right away, you should disable the SonicOS SSLVPN service, or update the firewall's access rules so that the SonicWall firewall applications are reachable only from trusted sources, since firewalls are among the most popular targets for cybercriminals.


At the same time, SonicWall also fixed two vulnerabilities in its Email Security appliances (ES Appliance 5000, 5050, 7000, 7050, 9000, VMware, and Hyper-V), tracked as CVE-2025-40604 and CVE-2025-40605. These allow threat actors to gain persistent arbitrary code execution, as well as access to restricted information.

For these fixes, too, SonicWall "strongly advised" users to install the patch without delay.

Via BleepingComputer

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
