SonicWall has disclosed a significant security vulnerability affecting its Gen7 firewall products that could allow remote attackers to disrupt network services.
The vulnerability, designated CVE-2025-40600 and tracked as SNWLID-2025-0013, carries a CVSS severity score of 5.9 and specifically impacts the SSL VPN interface component of affected devices.
Vulnerability Details and Impact
The security flaw stems from a format string vulnerability in SonicOS that enables remote unauthenticated attackers to cause service disruption without requiring user interaction or elevated privileges.
The vulnerability affects the SSL VPN interface exclusively, meaning only firewalls with this feature enabled are at risk.
The attack vector is network-based but requires high attack complexity to exploit successfully.
According to SonicWall’s security advisory, the vulnerability impacts a wide range of Gen7 hardware firewalls, including the TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700, NSa 3700, NSa 4700, NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, NSsp 13700, and NSsp 15700 models.
Virtual firewall deployments are also affected, including NSV270, NSv470, and NSv870 variants running on ESX, KVM, Hyper-V, AWS, and Azure platforms.
Affected Versions and Scope
The vulnerability affects SonicOS version 7.2.0-7015 and all older versions within the 7.x branch. Notably, the 7.0.1 branch remains unaffected by this security issue.
SonicWall has confirmed that Gen6 and Gen8 firewall models, along with SMA 1000 and SMA 100 series SSL VPN products, are not vulnerable to this specific threat.
Remediation and Workarounds
SonicWall has released fixed software versions to address this vulnerability.
Users should upgrade to SonicOS version 7.3.0-7012 or higher to eliminate the security risk.
For organizations unable to immediately implement the patch, SonicWall provides a temporary workaround: disabling the SSL-VPN interface entirely, as the vulnerability exclusively affects this component.
The company strongly recommends that all users of affected firewall products prioritize upgrading to the fixed release version.
The security advisory was initially published on July 29, 2025, with an update on July 30, 2025, that included the workaround instructions.
This disclosure highlights the ongoing challenges organizations face in maintaining secure network infrastructure.
Format string vulnerabilities, while less common in modern software development, can still pose significant risks when discovered in critical network security devices.
The availability of both permanent fixes and interim workarounds demonstrates SonicWall’s commitment to providing customers with multiple options for addressing the security concern based on their operational requirements and maintenance windows.
Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant Updates
%20(1).webp?resize=1600,900&ssl=1&description=The vulnerability, designated CVE-2025-40600 and tracked as SNWLID-2025-0013, carries a CVSS severity score of 5.9 and specifically impacts the SSL VPN interface component of affected devices.){kind=link}