What the vulnerability does

01Description

Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption.

Key dates

02Disclosure timeline

July 29, 2025 CVE published
July 30, 2025 Record updated