New SonicWall SonicOS flaw allows hackers to crash firewalls

SonicWall has released a patch for a high-severity flaw (CVE-2025-40601) in its SonicOS SSLVPN that can cause vulnerable firewalls to crash. While there’s no evidence of active exploitation, Gen8 and Gen7 firewalls are affected, and customers are urged to update or implement workarounds like disabling SSLVPN or restricting access. Additionally, SonicWall patched two vulnerabilities in its Email Security appliances and previously addressed a state-sponsored breach and malware targeting its devices.