SonicWall Product Security Update Advisory (CVE-2025-40601)

Overview

 

SonicWall has released security updates to fix vulnerabilities in SonicWall products. Users of affected products are advised to update to the latest version.
 

 

Affected Products

 

CVE-2025-40601

 

Gen7 hardware Firewalls
TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700, NSa 3700, NSa 4700, NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, NSsp 13700, NSsp 15700 Versions: 7.3.0-7012 and earlier (excluding 7.0.1 branch)

 

Gen7 virtual Firewalls (NSv)
NSv270, NSv470, NSv870 (ESX, KVM, HYPER-V, AWS, Azure) Versions: 7.3.0-7012 and earlier (excluding 7.0.1 branches)

 

Gen8 Firewalls
TZ80, TZ280, TZ380, TZ480, TZ580, TZ680, NSa 2800, NSa 3800, NSa 4800, NSa 5800 Version: 8.0.2-8011 or earlier

 

 

Resolved Vulnerabilities

 

Stack-based buffer overflow vulnerability in SonicOS SSLVPN (CVE-2025-40601)

 

 

Vulnerability Patches

Patches for the vulnerability are available in the latest update. Follow the instructions on the referenced sites to update to the latest patched version.

 

CVE-2025-40601

 

Gen7 hardware Firewalls
TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700, NSa 3700, NSa 4700, NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, NSsp 13700, NSsp 15700 Version: 7.3.1-7013 or later

 

Gen7 virtual Firewalls (NSv) 
NSv270, NSv470, NSv870 (ESX, KVM, HYPER-V, AWS, Azure) Versions: 7.3.0-7012 and earlier

 

Gen8 Firewalls
TZ80, TZ280, TZ380, TZ480, TZ580, TZ680, NSa 2800, NSa 3800, NSa 4800, NSa 5800 Versions: 8.0.3-8011 and later

 

 

References

 

[1] SonicOS SSLVPN Pre-Auth Stack-Based Buffer Overflow Vulnerability
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0016