Home

Description

Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption.

PUBLISHED Reserved 2025-04-16 | Published 2025-07-29 | Updated 2025-07-30 | Assigner sonicwall

Problem types

CWE-134 Use of Externally-Controlled Format String

Product status

Default status
unknown

7.2.0-7015 and older versions
affected

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0013 vendor-advisory

cve.org (CVE-2025-40600)

nvd.nist.gov (CVE-2025-40600)

Download JSON