CRITICAL🇵🇱 Wersja polska

CVE-2025-40600

CVSS 9.8v3.1pub. 2025-07-29upd. 2025-08-11

Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption.

🤖 AI Analysis
How it works

The vulnerability stems from the use of a format string controlled by external input (Use of Externally-Controlled Format String, CWE-134). An attacker can send a specially crafted request to the SSL VPN interface without needing to have authentication. Improper processing of the format string by the vulnerable function can lead to service disruption.

Impact

An attacker can cause disruption or unavailability of the SSL VPN service on the device (denial of service attack). The CVSS vector also indicates potential impact on data confidentiality and integrity.

Mitigation & patch

Patches available from the manufacturer should be applied according to the references (https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0013). Until the fix is deployed, it is recommended to restrict access to the SSL VPN interface only to trusted IP addresses and monitor anomalies in traffic directed to this interface.

Who is affected

SonicWall NSSP 13700, SonicWall NSA 2700, SonicWall NSV 270, SonicWall NSV 870, SonicWall NSA 4700 with SonicOS software containing the vulnerable SSL VPN interface; specific versions indicated in the manufacturer's references.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Sonicwall Nsa 2700

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Nsa 3700

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Nsa 4700

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Nsa 5700

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Nsa 6700

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Nssp 10700

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Nssp 11700

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Nssp 13700

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Nssp 15700

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Nsv270

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Nsv470

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Nsv870

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Sonicos

    OS
    Sonicwall
    7.1.1-7040 – 7.3.0-7012 (bez)
  • Sonicwall Tz270

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Tz270w

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Tz370

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Tz370w

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Tz470

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Tz470w

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Tz570

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Tz570p

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Tz570w

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Tz670

    HW
    Sonicwall
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth BypassVPN
CWE
References

Related vulnerabilities

CVE-2024-53704CRITICAL9.8⚠ KEVPL ✓ten sam produkt

SonicWall SonicOS SSLVPN — pominięcie uwierzytelnienia (Auth Bypass)

CVE-2024-40766CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Nieprawidłowa kontrola dostępu w SonicWall SonicOS — RCE i crash firewalla

CVE-2020-5135CRITICAL9.8⚠ KEVten sam produkt

A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and poten...

CVE-2024-3596CRITICAL9.0PL ✓ten sam produkt

Atak przez fałszowanie odpowiedzi w protokole RADIUS (RFC 2865) via kolizja MD5

CVE-2024-22394CRITICAL9.8PL ✓ten sam produkt

Pominięcie uwierzytelnienia w SonicWall SonicOS SSL-VPN (auth bypass)