Vulnerability Details CVE-2025-40600
Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.5%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2025-40600
-
cpe:2.3:h:sonicwall:nsa_2700:-
-
cpe:2.3:h:sonicwall:nsa_3700:-
-
cpe:2.3:h:sonicwall:nsa_4700:-
-
cpe:2.3:h:sonicwall:nsa_5700:-
-
cpe:2.3:h:sonicwall:nsa_6700:-
-
cpe:2.3:h:sonicwall:nssp_10700:-
-
cpe:2.3:h:sonicwall:nssp_11700:-
-
cpe:2.3:h:sonicwall:nssp_13700:-
-
cpe:2.3:h:sonicwall:nssp_15700:-
-
cpe:2.3:h:sonicwall:nsv270:-
-
cpe:2.3:h:sonicwall:nsv470:-
-
cpe:2.3:h:sonicwall:nsv870:-
-
cpe:2.3:h:sonicwall:tz270:-
-
cpe:2.3:h:sonicwall:tz270w:-
-
cpe:2.3:h:sonicwall:tz370:-
-
cpe:2.3:h:sonicwall:tz370w:-
-
cpe:2.3:h:sonicwall:tz470:-
-
cpe:2.3:h:sonicwall:tz470w:-
-
cpe:2.3:h:sonicwall:tz570:-
-
cpe:2.3:h:sonicwall:tz570p:-
-
cpe:2.3:h:sonicwall:tz570w:-
-
cpe:2.3:h:sonicwall:tz670:-
-
cpe:2.3:o:sonicwall:sonicos:7.1.1-7040
-
cpe:2.3:o:sonicwall:sonicos:7.1.1-7047
-
cpe:2.3:o:sonicwall:sonicos:7.1.1-7051
-
cpe:2.3:o:sonicwall:sonicos:7.1.1-7058
-
cpe:2.3:o:sonicwall:sonicos:7.1.2-7019