CVE-2025-40601
HIGH EXPLOITEDSonicOS 7.1.1-7040 to <7.3.1-7013 - Unauthenticated Denial of Service via SSLVPN Stack-based Buffer Overflow
Title source: llmExploitation Summary
CVE-2025-40601 has been observed exploited in the wild (reported by VulnCheck KEV).
Description
A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0016
Scores
CVSS v3
7.5
EPSS
0.0004
EPSS Percentile
14.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
VulnCheck KEV
2026-05-10
CWE
CWE-121
Status
published
Products (1)
sonicwall/sonicos
7.1.1-7040 - 7.3.1-7013
Published
Nov 20, 2025
Tracked Since
Feb 18, 2026