SonicWall SSLVPN Flaw Allows Hackers to Crash Firewalls Remotely

SonicWall has issued an urgent advisory (SNWLID-2025-0009) warning of a high-severity vulnerability in its SSLVPN Virtual Office interface that enables unauthenticated attackers to remotely crash firewalls, causing widespread network disruptions.

Tracked as CVE-2025-32818, this flaw carries a CVSS v3 score of 7.5 and affects dozens of firewall models across its Gen7 and TZ80 product lines.

The Vulnerability Explained

The flaw stems from a Null Pointer Dereference (CWE-476) in SonicOS, which occurs when the software attempts to access memory via a pointer that lacks a valid reference.

Attackers can exploit this by sending specially crafted requests to the SSLVPN interface, triggering a denial-of-service (DoS) condition that crashes the firewall.

“SonicWall firewalls that have SSL VPN enabled are vulnerable to remote exploitation without requiring user interaction or authentication,” the company stated in its advisory.

Field	Details
Vulnerability Name	SonicWall SSLVPN Null Pointer Dereference
CVE	CVE-2025-32818
CVSS v3 Score	7.5
Impact	Denial-of-Service (DoS) by crashing the firewall remotely
Affected Products	Gen7 NSv (270, 470, 870), Gen7 Firewalls (TZ270, TZ370, TZ470, TZ570, TZ670, NSa 2700-6700, NSsp 10700-15700), TZ80
Affected Versions	Gen7: 7.1.1-7040 to 7.1.3-7015; TZ80: 8.0.0-8037 and earlier
Fixed Versions	Gen7: 7.2.0-7015 or higher; TZ80: 8.0.1-8017 or higher

Mitigation and Patches

SonicWall has released fixed firmware versions:

• Gen7 Appliances: Upgrade to 7.2.0-7015 or higher
• TZ80 Appliances: Upgrade to 8.0.1-8017 or higher

No workaround exists, and the company urges administrators to apply patches immediately. Organizations unable to update immediately should monitor SonicWall’s threat database for new exploit attempts.

Firewalls with compromised SSLVPN services risk operational paralysis, exposing internal networks to follow-on attacks.

This vulnerability is particularly concerning for enterprises relying on SonicWall’s Virtual Office for secure remote access.

“SonicWall customers must treat this as a critical priority. The lack of authentication requirements lowers the barrier for attackers to launch disruptive attacks,” said cybersecurity analyst Maria Chen of SafeNet Advisors.

1. Verify Affected Models: Check if your firmware falls within the vulnerable versions.
2. Apply Updates: Download patches from the SonicWall Support Portal.
3. Monitor Traffic: Look for unusual SSLVPN connection attempts.

This marks SonicWall’s third major SSLVPN-related vulnerability since 2023, underscoring the importance of proactive patch management. With remote work still prevalent in 2025, securing VPN gateways remains a top defense against network breaches.

Find this News Interesting! Follow us on Google News, LinkedIn, & X to Get Instant Updates!