Stack-based Buffer Overflow Vulnerability in SonicOS SSLVPN by SonicWall
CVE-2025-40601
Key Information:
Badges
What is CVE-2025-40601?
CVE-2025-40601 is a stack-based buffer overflow vulnerability identified in the SonicOS SSLVPN service provided by SonicWall. This vulnerability allows a remote, unauthenticated attacker to exploit the SSLVPN service, leading to a potential Denial of Service (DoS) condition. The exploit can cause the affected SonicWall firewalls to crash, disrupting network traffic and compromising the integrity of the network security infrastructure. Organizations utilizing SonicWall firewalls for secure remote access are at risk, as this vulnerability can lead to downtime and service disruptions, further impacting productivity and security.
Potential impact of CVE-2025-40601
-
Denial of Service (DoS): Exploitation of this vulnerability could lead to a complete service shutdown of the affected firewall, resulting in significant downtime for remote access and essential services, which can hinder business operations.
-
Security Compromise: The ability for an unauthenticated attacker to cause a crash could create vulnerabilities that might be leveraged for further exploitation, leading to unauthorized access or control over network resources.
-
Reputation Damage: Downtime and service disruptions caused by this vulnerability can lead to a loss of trust from clients and stakeholders, potentially damaging the organization’s reputation in the market.
Affected Version(s)
SonicOS Linux 7.3.0-7012 and older versions
SonicOS Linux 8.0.2-8011 and older versions
News Articles
New SonicWall SonicOS flaw allows hackers to crash firewalls
American cybersecurity company SonicWall urged customers today to patch a high-severity SonicOS SSLVPN security flaw that can allow attackers to crash vulnerable firewalls.
1 month ago
References
CVSS V3.1
Timeline
- 👾
Exploit known to exist
- 📰
First article discovered by BleepingComputer
Vulnerability published
Vulnerability Reserved