A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash.
References
| Link | Resource |
|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0016 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
History
12 Dec 2025, 15:57
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Sonicwall tz470
Sonicwall nsa 5700 Sonicwall nsa 5800 Sonicwall nsa 3700 Sonicwall tz580 Sonicwall tz380 Sonicwall nsa 4800 Sonicwall nssp 11700 Sonicwall tz480 Sonicwall tz680 Sonicwall nsa 6700 Sonicwall nsv270 Sonicwall tz370 Sonicwall nsa 2700 Sonicwall tz670 Sonicwall nssp 13700 Sonicwall nsv870 Sonicwall tz270w Sonicwall tz570w Sonicwall tz370w Sonicwall nssp 15700 Sonicwall nsv470 Sonicwall nsa 2800 Sonicwall tz570 Sonicwall tz80 Sonicwall Sonicwall nssp 10700 Sonicwall nsa 3800 Sonicwall tz570p Sonicwall tz470w Sonicwall sonicos Sonicwall nsa 4700 Sonicwall tz270 Sonicwall tz280 |
|
| References | () https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0016 - Vendor Advisory | |
| CPE | cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz80:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz380:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_3800:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz480:-:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp_15700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_2800:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_5800:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz580:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz680:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_4800:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz280:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:* |
20 Nov 2025, 19:16
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
20 Nov 2025, 15:17
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-11-20 15:17
Updated : 2025-12-12 15:57
NVD link : CVE-2025-40601
Mitre link : CVE-2025-40601
CVE.ORG link : CVE-2025-40601
JSON object : View
Products Affected
sonicwall
- nssp_11700
- tz570
- tz370
- tz480
- tz370w
- tz580
- tz470
- tz270w
- nssp_10700
- tz270
- nsv470
- tz570p
- nsa_2800
- nsa_3700
- nsa_5800
- tz470w
- nsa_3800
- nsa_4700
- tz80
- nsv270
- tz680
- nsa_2700
- tz280
- nsa_5700
- tz670
- tz570w
- sonicos
- nsv870
- nssp_13700
- nsa_6700
- tz380
- nssp_15700
- nsa_4800
CWE
CWE-121
Stack-based Buffer Overflow