CVE-2025-40600

Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0013	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sonicwall:nsa_2700:-:::::::*
	cpe:2.3:h:sonicwall:nsa_3700:-:::::::*
	cpe:2.3:h:sonicwall:nsa_4700:-:::::::*
	cpe:2.3:h:sonicwall:nsa_5700:-:::::::*
	cpe:2.3:h:sonicwall:nsa_6700:-:::::::*
	cpe:2.3:h:sonicwall:nssp_10700:-:::::::*
	cpe:2.3:h:sonicwall:nssp_11700:-:::::::*
	cpe:2.3:h:sonicwall:nssp_13700:-:::::::*
	cpe:2.3:h:sonicwall:nssp_15700:-:::::::*
	cpe:2.3:h:sonicwall:nsv270:-:::::::*
	cpe:2.3:h:sonicwall:nsv470:-:::::::*
	cpe:2.3:h:sonicwall:nsv870:-:::::::*
	cpe:2.3:h:sonicwall:tz270:-:::::::*
	cpe:2.3:h:sonicwall:tz270w:-:::::::*
	cpe:2.3:h:sonicwall:tz370:-:::::::*
	cpe:2.3:h:sonicwall:tz370w:-:::::::*
	cpe:2.3:h:sonicwall:tz470:-:::::::*
	cpe:2.3:h:sonicwall:tz470w:-:::::::*
	cpe:2.3:h:sonicwall:tz570:-:::::::*
	cpe:2.3:h:sonicwall:tz570p:-:::::::*
	cpe:2.3:h:sonicwall:tz570w:-:::::::*
	cpe:2.3:h:sonicwall:tz670:-:::::::*

History

11 Aug 2025, 14:59

Type	Values Removed	Values Added
First Time		Sonicwall tz370w Sonicwall nsa 4700 Sonicwall nssp 15700 Sonicwall nssp 13700 Sonicwall tz470 Sonicwall nsv270 Sonicwall nssp 10700 Sonicwall tz570w Sonicwall nsv470 Sonicwall tz470w Sonicwall nsa 5700 Sonicwall tz270w Sonicwall nsv870 Sonicwall tz370 Sonicwall tz570 Sonicwall nsa 2700 Sonicwall tz270 Sonicwall sonicos Sonicwall tz570p Sonicwall nssp 11700 Sonicwall nsa 3700 Sonicwall Sonicwall nsa 6700 Sonicwall tz670
CPE		cpe:2.3:h:sonicwall:tz370w:-:::::::* cpe:2.3:h:sonicwall:nsa_5700:-:::::::* cpe:2.3:h:sonicwall:nssp_15700:-:::::::* cpe:2.3:o:sonicwall:sonicos:::::::: cpe:2.3:h:sonicwall:tz270:-:::::::* cpe:2.3:h:sonicwall:nssp_11700:-:::::::* cpe:2.3:h:sonicwall:nsa_6700:-:::::::* cpe:2.3:h:sonicwall:tz470:-:::::::* cpe:2.3:h:sonicwall:tz470w:-:::::::* cpe:2.3:h:sonicwall:nsa_3700:-:::::::* cpe:2.3:h:sonicwall:nsa_2700:-:::::::* cpe:2.3:h:sonicwall:nssp_13700:-:::::::* cpe:2.3:h:sonicwall:tz270w:-:::::::* cpe:2.3:h:sonicwall:nsv270:-:::::::* cpe:2.3:h:sonicwall:nsv870:-:::::::* cpe:2.3:h:sonicwall:tz570:-:::::::* cpe:2.3:h:sonicwall:tz570p:-:::::::* cpe:2.3:h:sonicwall:nsa_4700:-:::::::* cpe:2.3:h:sonicwall:tz370:-:::::::* cpe:2.3:h:sonicwall:nsv470:-:::::::* cpe:2.3:h:sonicwall:tz570w:-:::::::* cpe:2.3:h:sonicwall:nssp_10700:-:::::::* cpe:2.3:h:sonicwall:tz670:-:::::::*
References	~~() https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0013 -~~	() https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0013 - Vendor Advisory

30 Jul 2025, 15:15

Type	Values Removed	Values Added
Summary		(es) La vulnerabilidad del uso de una cadena de formato controlada externamente en la interfaz SonicOS SSL VPN permite que un atacante remoto no autenticado provoque la interrupción del servicio.
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.8

29 Jul 2025, 22:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-29 22:15

Updated : 2025-08-11 14:59

NVD link : CVE-2025-40600

Mitre link : CVE-2025-40600

CVE.ORG link : CVE-2025-40600

JSON object : View

Products Affected

sonicwall

tz570p
tz570
nssp_11700
nsv470
nsv870
nssp_15700
nssp_13700
nsa_2700
nsv270
tz370w
nssp_10700
nsa_3700
tz470w
nsa_5700
tz270
nsa_6700
tz670
tz370
tz270w
sonicos
tz570w
nsa_4700
tz470

CWE

CWE-134

Use of Externally-Controlled Format String

9.8 /10