SonicWall SOS: Fixes Released for High-Severity Vulnerabilities in Firewalls and Email Security!
SonicWall has released urgent fixes for high-severity vulnerabilities affecting over 30 firewalls. A stack-based buffer overflow bug in the SonicOS SSL VPN service could let attackers remotely crash devices or execute arbitrary files. Update to SonicOS versions 7.3.1-7013 or 8.0.2-8011 to keep those pesky cyber pests at bay.

Hot Take:
SonicWall’s firewalls are having a meltdown, literally! This week, SonicWall decided to play firefighter, rolling out fixes for vulnerabilities that could otherwise let hackers crash their firewalls like a bad Windows update. It’s like SonicWall is saying, “Sure, our firewalls might have more holes than Swiss cheese, but at least we’re patching them!”

Key Points:
- Over 30 SonicWall Gen7 and Gen8 firewalls are vulnerable to a stack-based buffer overflow bug.
- The vulnerability, CVE-2025-40601, has a CVSS score of 7.2 and affects devices with the SonicOS SSL VPN service enabled.
- Patches have been released in SonicOS versions 7.3.1-7013 and 8.0.2-8011.
- SonicWall’s Email Security appliances got fixes for two vulnerabilities, one allowing arbitrary code execution.
- SonicWall says there is currently no evidence of these vulnerabilities being exploited in the wild.
