Primary

Context

SonicWall SonicOS Post-Authentication NULL Pointer Dereference Vulnerability Allowing Firewall Crash

Vulnerability

A post-authentication NULL Pointer Dereference vulnerability has been identified in SonicWall SonicOS. This vulnerability allows remote attackers to cause a crash on the affected firewall. It is present in multiple Gen7 and Gen8 hardware and virtual firewalls, specifically in certain models within the TZ and NSa series, as well as in the NSv virtual firewalls. The vulnerability affects versions 7.0.1-5169 and older, as well as 8.1.0-8017 and older.

Impact

Exploitation of this vulnerability leads to a crash of the firewall, causing a denial of service.

Remediation

Users can upgrade to SonicOS version 7.3.2-7010 or higher for Gen7 firewalls, and version 8.2.0-8009 or higher for Gen8 firewalls.

Added: Feb 24, 2026, 3:31 PM

Updated: Feb 24, 2026, 10:25 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.8

remediation

0.0

relevance

3.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.8

remediation

0.0

relevance

3.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SonicWall SonicOS Post-Authentication NULL Pointer Dereference Vulnerability Allowing Firewall Crash

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating