SonicWall has issued an urgent advisory (SNWLID-2025-0009) warning of a high-severity vulnerability in its SSLVPN Virtual Office interface that enables unauthenticated attackers to remotely crash firewalls, causing widespread network disruptions.
Tracked as CVE-2025-32818, this flaw carries a CVSS v3 score of 7.5 and affects dozens of firewall models across its Gen7 and TZ80 product lines.
The flaw stems from a Null Pointer Dereference (CWE-476) in SonicOS, which occurs when the software attempts to access memory via a pointer that lacks a valid reference.
Attackers can exploit this by sending specially crafted requests to the SSLVPN interface, triggering a denial-of-service (DoS) condition that crashes the firewall.
“SonicWall firewalls that have SSL VPN enabled are vulnerable to remote exploitation without requiring user interaction or authentication,” the company stated in its advisory.
Field | Details |
Vulnerability Name | SonicWall SSLVPN Null Pointer Dereference |
CVE | CVE-2025-32818 |
CVSS v3 Score | 7.5 |
Impact | Denial-of-Service (DoS) by crashing the firewall remotely |
Affected Products | Gen7 NSv (270, 470, 870), Gen7 Firewalls (TZ270, TZ370, TZ470, TZ570, TZ670, NSa 2700-6700, NSsp 10700-15700), TZ80 |
Affected Versions | Gen7: 7.1.1-7040 to 7.1.3-7015; TZ80: 8.0.0-8037 and earlier |
Fixed Versions | Gen7: 7.2.0-7015 or higher; TZ80: 8.0.1-8017 or higher |
Mitigation and Patches
SonicWall has released fixed firmware versions:
No workaround exists, and the company urges administrators to apply patches immediately. Organizations unable to update immediately should monitor SonicWall’s threat database for new exploit attempts.
Firewalls with compromised SSLVPN services risk operational paralysis, exposing internal networks to follow-on attacks.
This vulnerability is particularly concerning for enterprises relying on SonicWall’s Virtual Office for secure remote access.
“SonicWall customers must treat this as a critical priority. The lack of authentication requirements lowers the barrier for attackers to launch disruptive attacks,” said cybersecurity analyst Maria Chen of SafeNet Advisors.
This marks SonicWall’s third major SSLVPN-related vulnerability since 2023, underscoring the importance of proactive patch management. With remote work still prevalent in 2025, securing VPN gateways remains a top defense against network breaches.
Find this News Interesting! Follow us on Google News, LinkedIn, & X to Get Instant Updates!
A high vulnerability in Apache ActiveMQ’s .NET Message Service (NMS) library has been uncovered, enabling…
Commvault, a global leader in data protection and information management, has confirmed that a sophisticated…
The Federal Bureau of Investigation (FBI) has revealed the existence of 42,000 phishing domains associated…
The Tor Project has announced the official release of Tor Browser 14.5.1, introducing a host…
Trellix, a leader in cybersecurity solutions, has unveiled its latest innovation, the Trellix Phishing Simulator,…
Darktrace's Security Operations Center (SOC) in late 2024 and early 2025, cybercriminals have been exploiting…