SonicWall SonicOS Post-Authentication Format String Vulnerability Leading to Firewall Crash
Vulnerability
A post-authentication format string vulnerability has been identified in SonicWall SonicOS. This vulnerability allows remote attackers to cause a crash on the affected firewall. It is present in multiple Gen7 and Gen8 hardware and virtual firewalls, specifically in certain models within the TZ and NSa series, as well as in the NSv virtual firewalls. The vulnerability affects SonicOS versions 7.0.1-5169 and older, as well as 8.1.0-8017 and older.
Impact
Exploitation of this vulnerability leads to a crash of the firewall, causing a denial of service condition.
Remediation
Users can upgrade to SonicOS versions 7.3.2-7010 or higher, or 8.2.0-8009 or higher, depending on their current version and platform.
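The version bounds above can be checked against a firmware inventory. The following is an added example, not code from SonicWall or from this page: it assumes firmware strings contain a `major.minor.patch-build` version and that versions order by those four numbers in turn. The hostnames and inventory entries are constructed sample data.

```python
import re

# Bounds copied from the advisory text; tuples are (major, minor, patch, build).
AFFECTED_MAX = {7: (7, 0, 1, 5169), 8: (8, 1, 0, 8017)}
FIXED_MIN = {7: (7, 3, 2, 7010), 8: (8, 2, 0, 8009)}

# Assumption: the firmware string contains "major.minor.patch-build".
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)-(\d+)")


def parse_version(text):
    """Return (major, minor, patch, build) from e.g. 'SonicOS 7.0.1-5161'."""
    match = _VERSION_RE.search(text)
    if match is None:
        raise ValueError(f"no SonicOS version found in {text!r}")
    return tuple(int(part) for part in match.groups())


def classify(text):
    """Classify one firmware string against the advisory's version bounds."""
    version = parse_version(text)
    major = version[0]
    if major not in FIXED_MIN:
        return "out-of-scope"  # the advisory lists only 7.x and 8.x releases
    if version >= FIXED_MIN[major]:
        return "fixed"
    if version <= AFFECTED_MAX[major]:
        return "affected"
    # Newer than the last listed affected build but older than the first
    # fixed build: the advisory does not state the status, so flag it for
    # upgrade and manual review rather than guessing.
    return "unlisted-upgrade"


def audit(inventory):
    """Map each host to its classification."""
    return {host: classify(firmware) for host, firmware in inventory}


# Constructed inventory: hostnames and versions are sample data.
INVENTORY = [
    ("fw-branch-01", "SonicOS 7.0.1-5161"),
    ("fw-branch-02", "SonicOS 7.1.3-7015"),
    ("fw-hq-01", "SonicOS 7.3.2-7010"),
    ("fw-dc-01", "SonicOS 8.1.0-8017"),
    ("fw-dc-02", "SonicOS 8.2.0-8009"),
]

if __name__ == "__main__":
    for host, status in audit(INVENTORY).items():
        print(f"{host:14} {status}")
```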
