SonicWall Critical Vulnerability - 20250731001¶
Overview¶
SonicWall have released a security update addressing a critical vulnerability affecting the SSL VPN interface of its SonicOS firewall products. SUccessful exploitation could allow a remote unauthenticated attacker to cause service disruption.
What is vulnerable?¶
Product(s) Affected | Version(s) | CVE | CVSS | Severity |
---|---|---|---|---|
Gen7 hardware/virtual firewalls | all versions prior to 7.3.0-7012 | CVE-2025-40600 | 9.8 | Critical |
What has been observed?¶
The WA SOC has not received any reports of exploitation of this vulnerability on Western Australian Government networks at the time of writing.
Recommendation¶
The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframes (refer Patch Management):