Stack-Based Buffer Overflow in SMA100 Series Web Interface by SonicWall
CVE-2025-40596

7.3 HIGH

Key Information:

Vendor: SonicWall
CVE Published: 23 July 2025

What is CVE-2025-40596?

A stack-based buffer overflow vulnerability exists within the web interface of SonicWall's SMA100 series. This security flaw may allow a remote, unauthenticated attacker to initiate a Denial of Service (DoS) attack, which can disrupt service availability. Furthermore, there is a potential risk for code execution, enabling attackers to execute arbitrary code on the affected system. Users are advised to apply necessary patches and follow security best practices to mitigate this risk.

Affected Version(s)

SMA 100 Series Linux 10.2.1.15-81sv and earlier versions

CVSS V3.1

Score: 7.3
Severity: HIGH
Confidentiality: Low
Integrity: Low
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Sina Kheirkhah