- Description: A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash.
- Source: PSIRT@sonicwall.com
- NVD status: Analyzed
- Products: sonicos
CVSS 3.1
- Type: Secondary
- Base score: 7.5
- Impact score: 3.6
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity: HIGH
- PSIRT@sonicwall.com: CWE-121
- Hype score: Not currently trending
Recent reports show the Akira ransomware is targeting business mergers by hiding in unpatched VPNs (CVE-2025-40601). When you acquire the company, you acquire the malware. Always audit the IT stack before the handshake. We can help. 🤝 #CyberSecurity #FremontNE #BusinessTips
@NyeTechnology
13 Feb 2026
#VulnerabilityReport #bufferoverflow SonicWall Warns of New SonicOS SSLVPN Pre-Auth Buffer Overflow Vulnerability (CVE-2025-40601) https://t.co/yF8nPW96UT
@Komodosec
28 Dec 2025
⚠️Vulnerabilities in SonicWall products ❗CVE-2025-40601 ➡️More info: https://t.co/lZhWXQqSzS https://t.co/m7ER3oJn87
@CERTpy
26 Nov 2025
[Security Affairs] SonicWall flags SSLVPN flaw allowing firewall crashes. SonicWall warns of a high-severity buffer overflow flaw in SonicOS SSLVPN (CVE-2025-40601) that lets attackers crash Gen7 and Gen8 firewalls. A new high-severity SonicOS SSLVPN... https://t.co/GhPjDoHB1F
@shah_sheikh
23 Nov 2025
🔴 SonicOS SSLVPN DoS Crashes Remote Firewalls (CVE-2025-40601) SonicWall's SonicOS has a critical DoS flaw in SSLVPN that crashes firewall appliances remotely. CVE-2025-40601 affects SonicOS 7.1.4-7.1.7 on Gen 7 firewalls—attacker sends crafted packets to trigger the crash
@the_c_protocol
22 Nov 2025
SonicWall SSLVPN Vulnerability: How to Patch CVE-2025-40601 and Prevent DoS Attacks. Read the full report on - https://t.co/x29jQ0SQ9M https://t.co/yy5M42SqGf
@cyberbivash
22 Nov 2025
New SonicWall SonicOS flaw allows hackers to crash firewalls. Tracked as CVE-2025-40601, this denial-of-service vulnerability is caused by a stack-based buffer overflow impacting Gen8 and Gen7 (hardware and virtual) firewalls. https://t.co/CZFF9Lo9Fh https://t.co/jMr6neglLb
@riskigy
21 Nov 2025
SonicWall patched a high-severity SonicOS SSLVPN flaw (CVE-2025-40601) allowing unauthenticated DoS attacks on Gen7/Gen8 firewalls. No exploits seen, but users should update ASAP. 🔒 #CyberSecurity #SonicWall #InfoSec https://t.co/i6wV6CXMed
@ProgresiveRobot
21 Nov 2025
⚠️⚠️ CVE-2025-40601: A pre-authentication stack-based buffer overflow in SonicOS SSLVPN allows a remote attacker to crash the firewall (DoS). 🔗FOFA Link: https://t.co/zAofIGTu9d 🎯9.9k+ Results are found on the https://t.co/pb16tGYaKe nearly year. FOFA Query: app="So
@fofabot
21 Nov 2025
🚨Alert🚨:CVE-2025-40601 : A Stack-based Buffer Overflow Vulnerability in the SonicOS SSLVPN Service 📊10.7K Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/7lZnlpHCCa 👇Query HUNTER : https://t.co/q9rtuGfZuz="SonicOS" https://t.co/Y
@HunterMapping
21 Nov 2025
🚨PATCH NOW🚨 SonicWall SonicOS CVE-2025-40601 lets remote unauth attackers crash Gen7/Gen8 firewalls via SSLVPN buffer overflow. Search by vul.cve Filter👉vul.cve="CVE-2025-40601" ZoomEye Dork👉app="SonicWall SonicOS" 51.1k+ exposed instances. ZoomEye Link: https://t.c
@zoomeye_team
21 Nov 2025
SonicWall advisory: Stack buffer overflow in SonicOS SSLVPN. CVE-2025-40601. Vendor says DoS only. But stack overflows in VPN implementations usually turn into RCE - initial assessments underestimate exploitability. Patch immediately. SonicWall has a history here
@gothburz
21 Nov 2025
SonicWall SonicOS CVE-2025-40601 lets remote unauth attackers crash Gen7/Gen8 firewalls via SSLVPN. Patch sooner than later, exposed VPNs tend to find friends fast. #infosec https://t.co/oGCyAdeVEI
@threatcluster
20 Nov 2025
SonicWall warns of a severe SSLVPN flaw that can take down firewalls: vulnerability CVE-2025-40601 allows DoS via buffer overflow on Gen7 and Gen8 firewalls, with no known exploitation. It recommends immediate patching and restricting access to the service. https://t.co/xyaUX4X0tj
@caveiratech
20 Nov 2025
CVE-2025-40601 Stack-Based Buffer Overflow in SonicOS SSLVPN Service Enables Rem... https://t.co/tWKbW9vrY2 Customizable Vulnerability Alerts: https://t.co/U7998fz7yk
@VulmonFeeds
20 Nov 2025
A critical SonicWall SonicOS flaw (CVE-2025-40601) allows denial-of-service crashes via SSLVPN stack-based buffer overflow in Gen7 and Gen8 firewalls. No active exploits reported yet. #SonicWall #FirewallFlaw #USA https://t.co/nh6UG1oZ83
@TweetThreatNews
20 Nov 2025
CVE-2025-40601 A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause… https://t.co/SxEo3iwWIH
@CVEnew
20 Nov 2025
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D8575AA-96A1-4DAD-9098-B3BF9472B40C",
"versionEndExcluding": "7.3.1-7013",
"versionStartIncluding": "7.1.1-7040",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C15FED5-C48C-47CF-9645-0563D77883C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C3BA5A3-1160-4793-A8D6-40B9D264BCC4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6739DEA3-06FF-4FEB-9931-0DB27F63B70E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0250EDF9-0AEF-4711-8EF6-D447CF48BCAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6CF3CF-256C-4C04-8BDF-B16398CD0459",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B60197D0-41B7-46DB-B33E-FEE1F1037A8D",
"versionEndExcluding": "8.0.3-8011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "559FE8B8-E5E1-4E74-98AF-79AF0ECF9064",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED8014A-C7A4-4624-8D50-A9844871C1B6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BDD4AB6-878B-41BE-BA33-6A2ECE2BC85B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D28BF416-D019-438B-954E-FB94697DC011",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz280:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56EC904E-4FCA-4B35-B188-639AE688DD14",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B9556B-0A33-4A27-B9E2-00F47969A566",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz480:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCFE3403-6A5B-4735-9248-99297A2E4461",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AAEE386F-5FE4-4F21-AD34-33B862AAD1CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz680:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE6BC579-21A1-4C2F-B655-73B14C3409A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz80:-:*:*:*:*:*:*:*",
"matchCriteriaId": "129CC10F-E822-4BF7-9EB5-0D702020CB0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
]