9.8критическая
CVE-2025-40600
Описание
Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption.
Затрагиваемое ПО
Sonicwall SonicosSonicwall Nsa 2700Sonicwall Nsa 3700Sonicwall Nsa 4700Sonicwall Nsa 5700Sonicwall Nsa 6700Sonicwall Nssp 10700Sonicwall Nssp 11700Sonicwall Nssp 13700Sonicwall Nssp 15700Sonicwall Nsv270Sonicwall Nsv470Sonicwall Nsv870Sonicwall Tz270Sonicwall Tz270wSonicwall Tz370Sonicwall Tz370wSonicwall Tz470Sonicwall Tz470wSonicwall Tz570Sonicwall Tz570pSonicwall Tz570wSonicwall Tz670
CVSS
| Балл | 9.8 — критическая |
| Вектор | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Источники
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0013