9.8
CVE-2025-40600
- EPSS 0.09%
- Published 29.07.2025 21:11:59
- Last modified 11.08.2025 14:59:40
- Source PSIRT@sonicwall.com
- Teams watchlist Login
- Open Login
Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Data is provided by the National Vulnerability Database (NVD)
Sonicwall ≫ Sonicos Version >= 7.1.1-7040 < 7.3.0-7012
Sonicwall ≫ Nsa 2700 Version-
Sonicwall ≫ Nsa 3700 Version-
Sonicwall ≫ Nsa 4700 Version-
Sonicwall ≫ Nsa 5700 Version-
Sonicwall ≫ Nsa 6700 Version-
Sonicwall ≫ Nssp 10700 Version-
Sonicwall ≫ Nssp 11700 Version-
Sonicwall ≫ Nssp 13700 Version-
Sonicwall ≫ Nssp 15700 Version-
Sonicwall ≫ Nsv270 Version-
Sonicwall ≫ Nsv470 Version-
Sonicwall ≫ Nsv870 Version-
Sonicwall ≫ Tz270 Version-
Sonicwall ≫ Tz270w Version-
Sonicwall ≫ Tz370 Version-
Sonicwall ≫ Tz370w Version-
Sonicwall ≫ Tz470 Version-
Sonicwall ≫ Tz470w Version-
Sonicwall ≫ Tz570 Version-
Sonicwall ≫ Tz570p Version-
Sonicwall ≫ Tz570w Version-
Sonicwall ≫ Tz670 Version-
Sonicwall ≫ Nsa 3700 Version-
Sonicwall ≫ Nsa 4700 Version-
Sonicwall ≫ Nsa 5700 Version-
Sonicwall ≫ Nsa 6700 Version-
Sonicwall ≫ Nssp 10700 Version-
Sonicwall ≫ Nssp 11700 Version-
Sonicwall ≫ Nssp 13700 Version-
Sonicwall ≫ Nssp 15700 Version-
Sonicwall ≫ Nsv270 Version-
Sonicwall ≫ Nsv470 Version-
Sonicwall ≫ Nsv870 Version-
Sonicwall ≫ Tz270 Version-
Sonicwall ≫ Tz270w Version-
Sonicwall ≫ Tz370 Version-
Sonicwall ≫ Tz370w Version-
Sonicwall ≫ Tz470 Version-
Sonicwall ≫ Tz470w Version-
Sonicwall ≫ Tz570 Version-
Sonicwall ≫ Tz570p Version-
Sonicwall ≫ Tz570w Version-
Sonicwall ≫ Tz670 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.09% | 0.262 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-134 Use of Externally-Controlled Format String
The product uses a function that accepts a format string as an argument, but the format string originates from an external source.