SonicWall has revealed a vulnerability in its SonicOS SSLVPN Virtual Office interface that could let remote attackers crash firewall appliances. Identified as CVE-2025-32818, this high-severity vulnerability has a CVSS score of 7.5, posing significant risks for enterprises using SonicWall Gen7 devices for secure network access.
The official advisory states that a Null Pointer Dereference vulnerability in the SonicOS SSLVPN Virtual Office interface lets a remote, unauthenticated attacker crash the firewall, which could cause a Denial-of-Service (DoS) situation.
By infosecbulletin
/ Tuesday , July 14 2026
Meta announced on Monday that its data center in Richland Parish, Louisiana, will grow to 5 gigawatts of computing power....
Read More
By infosecbulletin
/ Sunday , July 12 2026
Global ransomware attacks stayed very high in the first seven months of 2026. There were 5,064 confirmed victims in 135...
Read More
By infosecbulletin
/ Sunday , July 12 2026
Palo Alto Networks shared warnings on Wednesday about over twelve security issues in its products. The new warnings include 13 security...
Read More
By infosecbulletin
/ Sunday , July 12 2026
A critical flaw with how Dell saves BIOS passwords lets anyone quickly recover these passwords from a flash dump without...
Read More
By infosecbulletin
/ Saturday , July 11 2026
CoLoCity is proud to launch a new Data Center in Gulshan-2. It is designed to meet the growing demand for...
Read More
By infosecbulletin
/ Friday , July 10 2026
Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
By infosecbulletin
/ Friday , July 10 2026
A major AWS attack shows how attackers with AI can connect known cloud strategies to go from first access to...
Read More
By infosecbulletin
/ Thursday , July 9 2026
A new cybercrime ad is catching attention in the security world. It talks about a botnet that doesn't just get...
Read More
By infosecbulletin
/ Wednesday , July 8 2026
CrowdStrike has shared five new ways to inject prompts, showing the rising danger to AI agents as more organizations use...
Read More
By infosecbulletin
/ Wednesday , July 8 2026
A critical flaw in Google Cloud Platform’s Dialogflow CX lets attackers add harmful code to a company's AI chatbot system....
Read More
This flaw allows attackers to take the firewall offline by sending specific requests to the SSLVPN interface, without needing authentication.
The vulnerability affects a wide range of SonicWall’s Gen7 virtual and physical firewalls, including:
Gen7 NSv: NSv 270, NSv 470, NSv 870
Gen7 Firewalls: TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670
NSa Series: NSa 2700, 3700, 4700, 5700, 6700
NSsp Series: 10700, 11700, 13700, 15700
TZ80 (firmware 8.0.0-8037 and earlier)
Affected versions range from 7.1.1-7040 to 7.1.3-7015 (for 7.1.x releases) and 8.0.0-8037 and earlier for the TZ80.
SonicWall has quickly resolved this issue in recent firmware updates. Users should upgrade to:
Version 7.2.0-7015 or higher for Gen7 Firewalls and NSv
Version 8.0.1-8017 or higher for TZ80 devices
Enterprises are advised to implement these updates right away to reduce the risk of a DoS attack.
GitLab Releases Security Update For Multiple Vulns