CVE-2025-32818

Summary

A Null Pointer Dereference vulnerability in the SonicOS SSLVPN Virtual office interface allows a remote, unauthenticated attacker to crash the firewall, potentially leading to a Denial-of-Service (DoS) condition.

Affected Software

VendorProductVersion RangeStatus
SonicWallSonicOS7.1.1-7040 <= 7.1.3-7015affected
SonicWallSonicOS8.0.0-8037 and earlier versionsaffected

Weaknesses

  • CWE-476: CWE-476 NULL Pointer Dereference

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References