Cyber Security News

SonicWall SSLVPN Flaw Allows Hackers to Crash Firewalls Remotely

SonicWall has issued an urgent advisory (SNWLID-2025-0009) warning of a high-severity vulnerability in its SSLVPN Virtual Office interface that enables unauthenticated attackers to remotely crash firewalls, causing widespread network disruptions.

Tracked as CVE-2025-32818, this flaw carries a CVSS v3 score of 7.5 and affects dozens of firewall models across its Gen7 and TZ80 product lines.

The Vulnerability Explained

The flaw stems from a Null Pointer Dereference (CWE-476) in SonicOS, which occurs when the software attempts to access memory via a pointer that lacks a valid reference.

Attackers can exploit this by sending specially crafted requests to the SSLVPN interface, triggering a denial-of-service (DoS) condition that crashes the firewall.

SonicWall firewalls that have SSL VPN enabled are vulnerable to remote exploitation without requiring user interaction or authentication,” the company stated in its advisory.

FieldDetails
Vulnerability NameSonicWall SSLVPN Null Pointer Dereference
CVECVE-2025-32818
CVSS v3 Score7.5
ImpactDenial-of-Service (DoS) by crashing the firewall remotely
Affected ProductsGen7 NSv (270, 470, 870), Gen7 Firewalls (TZ270, TZ370, TZ470, TZ570, TZ670, NSa 2700-6700, NSsp 10700-15700), TZ80
Affected VersionsGen7: 7.1.1-7040 to 7.1.3-7015; TZ80: 8.0.0-8037 and earlier
Fixed VersionsGen7: 7.2.0-7015 or higher; TZ80: 8.0.1-8017 or higher

Mitigation and Patches

SonicWall has released fixed firmware versions:

  • Gen7 Appliances: Upgrade to 7.2.0-7015 or higher
  • TZ80 Appliances: Upgrade to 8.0.1-8017 or higher

No workaround exists, and the company urges administrators to apply patches immediately. Organizations unable to update immediately should monitor SonicWall’s threat database for new exploit attempts.

Firewalls with compromised SSLVPN services risk operational paralysis, exposing internal networks to follow-on attacks.

This vulnerability is particularly concerning for enterprises relying on SonicWall’s Virtual Office for secure remote access.

“SonicWall customers must treat this as a critical priority. The lack of authentication requirements lowers the barrier for attackers to launch disruptive attacks,” said cybersecurity analyst Maria Chen of SafeNet Advisors.

  1. Verify Affected Models: Check if your firmware falls within the vulnerable versions.
  2. Apply Updates: Download patches from the SonicWall Support Portal.
  3. Monitor Traffic: Look for unusual SSLVPN connection attempts.

This marks SonicWall’s third major SSLVPN-related vulnerability since 2023, underscoring the importance of proactive patch management. With remote work still prevalent in 2025, securing VPN gateways remains a top defense against network breaches.

Find this News Interesting! Follow us on Google NewsLinkedIn, & X to Get Instant Updates!

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

VMware ESXi, Firefox, Red Hat Linux & SharePoint Hacked – Pwn2Own Day 2

Security researchers demonstrated their prowess on the second day of Pwn2Own Berlin 2025, discovering critical…

1 day ago

Critical WordPress Plugin Flaw Puts Over 10,000 Sites of Cyberattack

A serious security flaw affecting the Eventin plugin, a popular event management solution for WordPress,…

2 days ago

Sophisticated NPM Attack Leverages Google Calendar2 for Advanced Communication

A startling discovery in the npm ecosystem has revealed a highly sophisticated malware campaign embedded…

2 days ago

New Ransomware Attack Targets Elon Musk Supporters Using PowerShell to Deploy Payloads

A newly identified ransomware campaign has emerged, seemingly targeting supporters of Elon Musk through a…

2 days ago

Printer Company Distributes Malicious Drivers Infected with XRed Malware

Procolored, a printer manufacturing company, has been found distributing software drivers infected with malicious code,…

2 days ago

Chinese Agent Impersonate as Stanford Student For Intelligence Gathering

Chinese intelligence operative posing as a Stanford University student has been uncovered following an investigation…

2 days ago