A recent SonicWall security advisory highlights a high-severity SSLVPN vulnerability (CVE-2025-40601) that could allow a denial-of-service attack to crash affected firewalls. While no active exploitation has been reported, SonicWall recommends urgent patching and mitigation measures.
Key points
- SonicWall urges customers to patch a critical SSLVPN flaw impacting Gen7 and Gen8 firewalls.
- The vulnerability is caused by a stack-based buffer overflow that can crash firewalls.
- No active exploits or PoCs have been publicly reported as of now.
- The flaw affects specific firmware versions for Gen7 and Gen8 firewalls.
- SonicWall also addressed vulnerabilities in its Email Security appliances, advising users to upgrade.