CVE-2025-40596

HIGH

SonicWall SMA 500v Firmware < 10.2.2.1-90sv - Stack Buffer Overflow

Title source: rule

Description

A stack-based buffer overflow vulnerability in the SMA100 series web interface allows a remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially achieve code execution.

Scores

CVSS v3 7.3
EPSS 0.0019
EPSS Percentile 40.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Classification

CWE CWE-121
Status published

Affected Products (3)

sonicwall/sma_500v_firmware < 10.2.2.1-90sv
sonicwall/sma_210_firmware < 10.2.2.1-90sv
sonicwall/sma_410_firmware < 10.2.2.1-90sv

Timeline

Published Jul 23, 2025
Tracked Since Feb 18, 2026