SonicWall released patches for three SonicOS vulnerabilities affecting Gen 6, Gen 7, and Gen 8 firewalls, including one high-severity access control bypass and two medium-severity flaws. Customers are advised to apply the updated firmware immediately or restrict management access to SSH until patches are deployed to prevent configuration tampering or crashes. #SonicWall #CVE2026-0204
Keypoints
- SonicWall issued fixes for three SonicOS vulnerabilities impacting multiple firewall generations.
- CVE-2026-0204 is a high-severity access control bypass that exposes management interface functions.
- CVE-2026-0205 is a path traversal issue that can interact with restricted services and requires authentication.
- CVE-2026-0206 allows authenticated remote attackers to crash vulnerable firewalls.
- Patches are available in firmware 6.5.5.2-28n, 7.3.2-7010, and 8.2.0-8009; update immediately or restrict HTTP/HTTPS and SSLVPN to SSH until patched.
Read More: https://www.securityweek.com/sonicwall-urges-immediate-patching-of-firewall-vulnerabilities/