Critical Vulnerabilities in SonicWall SMA 100 Series SSL-VPN Appliances Exposed

SonicWall has identified critical security vulnerabilities in its SMA 100 series SSL-VPN appliances, affecting models SMA 210, 410, and 500v running firmware version 10.2.1.15-81sv and earlier. These flaws could allow remote attackers to execute arbitrary JavaScript code and potentially gain code execution without authentication, posing significant security risks.


Key Vulnerabilities
- Buffer Overflow Vulnerabilities:
  - CVE-2025-40596: A pre-authentication stack-based buffer overflow with a CVSS score of 7.3, enabling remote attackers to cause Denial of Service (DoS) or execute arbitrary code.
  - CVE-2025-40597: A heap-based buffer overflow, also with a CVSS score of 7.3, sharing similar attack vectors.
- Cross-Site Scripting (XSS):
  - CVE-2025-40598: A reflected XSS vulnerability with a CVSS score of 6.3, allowing attackers to execute arbitrary JavaScript code, requiring user interaction.


Recommended Actions
SonicWall urges users to upgrade to firmware version 10.2.2.1-90sv or higher to mitigate these vulnerabilities. The company also recommends enabling multi-factor authentication (MFA) and activating the Web Application Firewall (WAF) feature on SMA100 devices for added protection.
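To check an appliance inventory against the two version bounds given above, the following added example (not SonicWall tooling or code from the advisory) parses the firmware string format shown on this page and classifies each device. The model strings, hostnames and inventory entries are constructed, and builds that fall between the two bounds are reported as unknown because the page does not describe them.

```python
import re

# Version bounds taken from the advisory text above.
LAST_AFFECTED = "10.2.1.15-81sv"
FIRST_FIXED = "10.2.2.1-90sv"
# Assumption: models are recorded in the inventory with these exact strings.
AFFECTED_MODELS = {"SMA 210", "SMA 410", "SMA 500v"}

# Matches the format seen on this page: four dotted numbers, '-', build, 'sv'.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)\.(\d+)-(\d+)sv$")


def parse_version(text):
    """Turn '10.2.1.15-81sv' into a comparable tuple (10, 2, 1, 15, 81)."""
    match = _VERSION_RE.match(text.strip())
    if match is None:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    return tuple(int(part) for part in match.groups())


def classify(model, version):
    """Return 'not-in-scope', 'affected', 'fixed' or 'unknown'."""
    if model not in AFFECTED_MODELS:
        return "not-in-scope"
    try:
        parsed = parse_version(version)
    except ValueError:
        return "unknown"  # unparseable entries need a manual check
    if parsed <= parse_version(LAST_AFFECTED):
        return "affected"
    if parsed >= parse_version(FIRST_FIXED):
        return "fixed"
    # Builds between the two bounds are not described by the advisory.
    return "unknown"


# Constructed sample inventory (hostnames and versions are made up).
INVENTORY = [
    ("vpn-edge-01", "SMA 410", "10.2.1.15-81sv"),
    ("vpn-edge-02", "SMA 210", "10.2.1.9-57sv"),
    ("vpn-lab-01", "SMA 500v", "10.2.2.1-90sv"),
    ("vpn-lab-02", "SMA 500v", "10.2.1.16-1sv"),
    ("vpn-dr-01", "SMA 410", "n/a"),
]


def triage(inventory):
    """Map each hostname to its classification."""
    return {host: classify(model, ver) for host, model, ver in inventory}
```

Devices reported as affected or unknown are the ones to prioritise for the upgrade and for the MFA and WAF settings recommended above.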