SonicWall has issued an urgent advisory regarding a high-severity vulnerability in its SSLVPN Virtual Office interface. The vulnerability, tracked as CVE-2025-32818, allows unauthenticated attackers to remotely crash firewalls and disrupt network operations. Affected products include SonicWall Gen7 firewalls and TZ80 models. The flaw has been assigned a CVSS v3 score of 7.5, signaling its critical nature for organizations relying on these devices.
The issue arises from a Null Pointer Dereference (CWE-476) in SonicOS, which occurs when the software tries to access memory via an invalid pointer. This can be exploited by attackers sending specially crafted requests to the SSLVPN interface, causing a denial-of-service (DoS) condition. The flaw does not require user interaction or authentication, making it a severe risk for remote exploitation.
Without mitigation, firewalls can be easily crashed, affecting business operations.
SonicWall has released firmware updates to address the vulnerability. Gen7 appliances should be upgraded to version 7.2.0-7015 or higher, while TZ80 appliances need to update to version 8.0.1-8017 or higher. No workaround is available, and administrators are urged to apply patches immediately to protect against the attack.
Monitoring for unusual SSLVPN connection attempts is advised for organizations unable to patch right away.
This vulnerability highlights the importance of timely patch management for enterprises using SonicWall’s SSLVPN service. It is the third significant SSLVPN-related flaw discovered since 2023, underscoring the vulnerability of VPN gateways. As remote work remains widespread in 2025, organizations must prioritize securing these critical access points to defend against potential breaches.
