SonicWall Critical Vulnerability - 20250731001

Overview

SonicWall have released a security update addressing a critical vulnerability affecting the SSL VPN interface of its SonicOS firewall products. SUccessful exploitation could allow a remote unauthenticated attacker to cause service disruption.

What is vulnerable?

Product(s) Affected	Version(s)	CVE	CVSS	Severity
Gen7 hardware/virtual firewalls	all versions prior to 7.3.0-7012	CVE-2025-40600	9.8	Critical

What has been observed?

The WA SOC has not received any reports of exploitation of this vulnerability on Western Australian Government networks at the time of writing.

Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframes (refer Patch Management):

• SonicWall: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0013

Additional References

• Tenable: https://www.tenable.com/cve/CVE-2025-40600