SonicWall SonicOS Improper Access Control Vulnerability

Vulnerability

A vulnerability exists in the access control mechanism of SonicOS, potentially allowing certain management interface functions to be accessed under specific conditions. This issue affects multiple generations of SonicWall firewalls and NSv platforms, with varying vulnerable versions.

Impact

Exploitation of this vulnerability could lead to unauthorized access to management interface functions, allowing for potentially privileged actions or configurations to be altered.

Remediation

Administrators are advised to disable HTTP- or HTTPS-based firewall management and SSL-VPN access on all interfaces, restricting management access to SSH only. Once the vulnerability has been addressed, SonicWall firewalls can be updated to version 6.5.5.2-28n for Gen6 hardware, version 7.3.2-7010 for Gen7 firewalls and NSv platforms, or version 8.2.0-8009 for Gen8 firewalls.
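For fleet triage, the following added example (not SonicWall code and not part of the original advisory) compares installed firmware strings against the update versions listed above. It assumes that the SonicOS major version identifies the generation (6.x for Gen6, 7.x for Gen7 and NSv, 8.x for Gen8), that a higher build number within the same release is newer, and that a trailing letter such as "n" can be ignored; the inventory is constructed sample data.

```python
import re

# Update versions listed in the advisory, keyed by SonicOS major version.
# Assumption: Gen6 runs 6.x, Gen7 and NSv run 7.x, Gen8 runs 8.x.
TARGETS = {6: "6.5.5.2-28n", 7: "7.3.2-7010", 8: "8.2.0-8009"}

# Dotted release, hyphen, numeric build, optional letter suffix (ignored).
_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)+)-(\d+)[A-Za-z]*$")

def parse_version(text):
    """Return (release tuple, build number); raise ValueError if malformed."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised SonicOS version: {text!r}")
    return tuple(int(p) for p in m.group(1).split(".")), int(m.group(2))

def _pad(release, width):
    # Pad with zeros so 7.3.2 and 7.3.2.1 compare component by component.
    return release + (0,) * (width - len(release))

def is_below_target(installed):
    """True if the installed firmware sorts below the listed update version."""
    release, build = parse_version(installed)
    target = TARGETS.get(release[0])
    if target is None:
        raise ValueError(f"no listed update version for major {release[0]}")
    t_release, t_build = parse_version(target)
    width = max(len(release), len(t_release))
    return (_pad(release, width), build) < (_pad(t_release, width), t_build)

def triage(inventory):
    """Map each device to 'update', 'at_or_above' or 'review' (unparseable)."""
    result = {}
    for name, version in inventory.items():
        try:
            result[name] = "update" if is_below_target(version) else "at_or_above"
        except ValueError:
            result[name] = "review"
    return result

# Constructed sample inventory: hostnames and installed versions are made up.
SAMPLE = {
    "fw-branch-01": "6.5.4.4-44n",
    "fw-hq-01": "7.3.2-7010",
    "nsv-lab-01": "7.0.1-5000",
    "fw-dc-01": "8.2.0-8009",
    "fw-legacy": "5.9.0.0-1",
    "fw-unknown": "n/a",
}

if __name__ == "__main__":
    for device, status in triage(SAMPLE).items():
        print(f"{device}: {status}")
```

Devices reported as "review" need a manual check, because their version string either did not parse or belongs to a major version the advisory does not list.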

Added: Apr 29, 2026, 5:44 PM
Updated: Apr 29, 2026, 5:44 PM

Vulnerability Rating

Custom Algorithm
spread: 6.8
impact: 5.0
exploitability: 4.4
remediation: 8.3
relevance: 7.0
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.