SonicWall Patches High-Severity Flaws in Firewalls, Email Security Appliance
The vulnerabilities could be exploited to cause a denial-of-service (DoS) condition, execute arbitrary code, or access arbitrary files and directories. The post SonicWall Patches High-Severity Flaws in Firewalls, Email Security Appliance appeared first on SecurityWeek.
SonicWall this week rolled out fixes for high-severity vulnerabilities that can allow attackers to crash firewalls or execute arbitrary files on Email Security appliances.
Over 30 SonicWall Gen7 and Gen8 firewalls are affected by a stack-based buffer overflow bug in the SonicOS SSL VPN service that could be exploited remotely, without authentication, to cause a denial-of-service (DoS) condition leading to device crashes.
Tracked as CVE-2025-40601 (CVSS score of 7.2), the issue affects only firewalls that have the SonicOS SSLVPN interface or service enabled.
Related breach coverage
- TP-Link Patches High-Severity Router Vulnerabilities2026-03-27
The security defects could be used to bypass authentication, execute arbitrary commands, and decrypt configuration files. The post TP-Link Patches High-Severity Router Vulnerabilities appeared first on SecurityWeek.
- QNAP Patches Four Vulnerabilities Exploited at Pwn2Own 2026-03-23
The flaws could allow attackers to access sensitive information, execute code, or cause unexpected behavior. The post QNAP Patches Four Vulnerabilities Exploited at Pwn2Own appeared first on SecurityWeek.
- Cisco Patches Multiple Vulnerabilities in IOS Software2026-03-26
The high- and medium-severity flaws could lead to denial-of-service, secure boot bypass, information disclosure, and privilege escalation. The post Cisco Patches Multiple Vulnerabilities in IOS Software appeared first on SecurityWeek.
- Cisco Patches High-Severity IOS XR Vulnerabilities2026-03-12
The security defects could lead to denial-of-service (DoS) conditions, command execution, or device takeover. The post Cisco Patches High-Severity IOS XR Vulnerabilities appeared first on SecurityWeek.