Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
Critical Microsoft Flaws Let Attackers Gain Privileges, Steal Data
July 2, 2026
FortiBleed Vulnerability Exploited by INC and Lynx Ransomware to Steal Passwords
July 2, 2026
WhatsApp Username Reservations Raise Security Concerns for 2 Billion Users
July 2, 2026
Home/CyberSecurity News/Critical SonicWall SonicOS Flaws Let Attackers Bypass Controls, Crash Firewalls
CyberSecurity News

Critical SonicWall SonicOS Flaws Let Attackers Bypass Controls, Crash Firewalls

Key Takeaways SonicWall has disclosed three critical vulnerabilities in its SonicOS software, affecting multiple generations of its firewall products. The flaws, discovered by CrowdStrike, range from...

Marcus Rodriguez
Marcus Rodriguez
April 30, 2026 3 Min Read
44 0

Key Takeaways

  • SonicWall has disclosed three critical vulnerabilities in its SonicOS software, affecting multiple generations of its firewall products.
  • The flaws, discovered by CrowdStrike, range from improper access control to buffer overflows, potentially leading to unauthorized access or denial-of-service.
  • Impacted devices include Generation 6, 7, and 8 hardware and virtual firewalls.
  • Patches are available, and administrators are strongly advised to update their firmware immediately.

SonicWall SonicOS Vulnerabilities

SonicWall has released a security advisory concerning three critical vulnerabilities found within its SonicOS software. These security weaknesses, identified by CrowdStrike’s Advanced Research Team, could enable attackers to circumvent existing access controls, gain entry to restricted services, or trigger a denial-of-service (DoS) condition by crashing the firewall device.

Table Of Content

  • Key Takeaways
  • SonicWall SonicOS Vulnerabilities
  • Details of the Flaws
  • Affected Products and Patches
  • Warning for Gen6 Devices
  • What You Should Do

Network administrators are urged to apply the latest firmware updates without delay to protect their systems from potential exploitation.

Details of the Flaws

The advisory details three distinct vulnerabilities impacting a broad spectrum of SonicWall firewall generations:

  • CVE-2026-0204: This improper access control vulnerability carries a CVSS score of 8.0. It allows unauthorized access to specific management interface functions under certain conditions due to insufficient authentication mechanisms.
  • CVE-2026-0205: Rated with a CVSS score of 6.8, this post-authentication path-traversal flaw could grant an attacker access to services typically restricted from their access level.
  • CVE-2026-0206: A post-authentication stack-based buffer overflow, with a CVSS score of 4.9, this vulnerability permits a remote authenticated attacker to crash the firewall device, leading to a denial-of-service.

Affected Products and Patches

These vulnerabilities impact a wide array of SonicWall’s hardware and virtual firewall appliances across its Generation 6, 7, and 8 product lines:

  • Generation 6 hardware firewalls running firmware version 6.5.5.1-6n and earlier.
  • Generation 7 firewalls with firmware versions 7.0.1-5169 or 7.3.1-7013, or earlier.
  • Generation 7 NSv virtual platforms on versions 7.0.1-5169 and 7.3.1-7013 or older.
  • Generation 8 firewalls operating on firmware version 8.1.0-8017 and older.

SonicWall has made fixed firmware versions available to address these security issues. Administrators should upgrade to the following versions:

  • Version 6.5.5.2-28n for Generation 6 devices.
  • Version 7.3.2-7010 for Generation 7 devices.
  • Version 8.2.0-8009 for Generation 8 devices.

For organizations unable to apply patches immediately, SonicWall recommends a temporary workaround to secure exposed devices. This involves completely disabling HTTP and HTTPS-based firewall management and SSLVPN on all interfaces. To maintain administrative access, management should be restricted exclusively to SSH until the necessary firmware updates can be applied.

Warning for Gen6 Devices

Organizations utilizing Generation 6 firewalls must exercise particular caution when updating to the fixed version 6.5.5.2-28n. SonicWall explicitly warns against downgrading from this patched firmware to any previous version. As detailed in their advisory, performing a firmware downgrade on Gen6 devices will result in the deletion of all LDAP users and a complete reset of all Multi-Factor Authentication (MFA) configurations. Should a downgrade become unavoidable, administrators will be required to manually reconfigure all LDAP and MFA settings afterward. It is always recommended to perform a full configuration backup before initiating any upgrade process to prevent data loss.

What You Should Do

  • Update Firmware Immediately: Apply the latest firmware patches (6.5.5.2-28n for Gen6, 7.3.2-7010 for Gen7, 8.2.0-8009 for Gen8) as soon as possible.
  • Backup Configurations: Prior to any firmware update, perform a full configuration backup of your SonicWall device.
  • Implement Workarounds if Patching is Delayed: If immediate patching is not feasible, disable HTTP/HTTPS-based firewall management and SSLVPN on all interfaces. Restrict management access solely to SSH.
  • Exercise Caution with Gen6 Downgrades: Be aware that downgrading Gen6 devices from the patched firmware will delete LDAP users and reset MFA configurations, requiring manual re-setup.
  • Consult Official Advisory: Refer to the official SonicWall security advisory (SNWLID-2026-0004) for the most current and detailed information.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

AttackCVEExploitPatchSecurityVulnerability

Share Article

Marcus Rodriguez

Marcus Rodriguez

Marcus is a security researcher and investigative journalist with expertise in vulnerability research, bug bounties, and cloud security. Since 2017, Marcus has been breaking stories on critical vulnerabilities affecting major platforms. His investigative work has led to the disclosure of numerous security flaws and improved defenses across the industry. Marcus is an active participant in bug bounty programs and has been recognized for responsible disclosure practices. He holds multiple security certifications and regularly speaks at industry events.

Previous Post

EtherRAT Variant Uses Tftpd64 Installer to Steal Web3 Assets

Next Post

Malicious npm Package Brand-Squats TanStack, Exfiltrates Developer Secrets

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
India Halts WhatsApp Usernames Rollout Due to Fraud Concerns
July 1, 2026
Critical Cursor IDE RCE Vulnerabilities Allow Zero-Click Prompt Injection
July 1, 2026
Automated Password Spray Attacks Target Microsoft Azure CLI
July 1, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Jennifer sherman
Jennifer sherman
Emy Elsamnoudy
Emy Elsamnoudy
Let's Connect
156k
2.25m
285k

Related Posts

Jennifer sherman
By Jennifer sherman
Threats

GlassWorm Attacks macOS via Malicious VS Code…

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Attacks

ClickFix Attack Hides Malicious Code via Stegan Security

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us