Threat Advisory

SonicWall SSLVPN Vulnerability Exposes Remote Pre-Auth Buffer Overflow Exploits

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: High


EXECUTIVE SUMMARY:

A newly identified pre-authentication stack-based buffer overflow vulnerability, tracked as CVE-2025-40601, has been disclosed in the SSLVPN service of the SonicWall SonicOS platform. The flaw allows an unauthenticated attacker to send specially crafted input to the SSLVPN interface and crash the firewall, resulting in a denial-of-service (DoS) condition that can disrupt essential network access. The vulnerability affects multiple generations of SonicWall hardware and virtual firewall appliances with SSLVPN enabled, and the vendor has released fixed versions. Until the fix is applied, it is strongly advised to reduce exposure by restricting SSLVPN access to trusted sources or disabling the service for untrusted Internet connections. The vulnerability has a CVSS score of 7.5.


RECOMMENDATION:

We strongly recommend updating SonicWall SonicOS to the fixed versions listed at the link below:


REFERENCES:

The following reports contain further technical details:
