SonicWall Urges Patch After 3 Major VPN Vulnerabilities Disclosed

watchTowr’s latest research details critical SonicWall SMA100 flaws (CVE-2025-40596, 40597, 40598). Discover how pre-auth stack/heap overflows and XSS put SSL-VPNs at risk. Patch now!

Cybersecurity firm watchTowr has uncovered multiple serious vulnerabilities within SonicWall’s SMA100 series SSL-VPN appliances, highlighting ongoing security challenges in widely used network infrastructure devices.

The in-depth research, which includes three critical CVEs, was shared with Hackread.com. The findings, confirmed against firmware version 10.2.1.15 and earlier versions, expose flaws that watchTowr Labs’ experts described as feeling “preserved in amber from a more naïve era of C programming.” Despite advancements in security, pre-authentication buffer overflows continue to surface.

Among the vulnerabilities is CVE-2025-40596, a stack-based buffer overflow with a High severity CVSS score of 7.3. This flaw can be triggered before a user even logs in and resides in the httpd program, which handles incoming web requests. It incorrectly uses ...