SonicWall Issues Urgent Patches for Three Critical SonicOS Vulnerabilities Across Gen 6‑8 Firewalls
What Happened – SonicWall published emergency firmware updates that remediate three SonicOS flaws (CVE‑2026‑0204, CVE‑2026‑0205, CVE‑2026‑0206) affecting Generation 6, 7 and 8 firewalls. The vulnerabilities allow an attacker to bypass access controls, perform post‑authentication path traversal, and trigger a stack‑based buffer overflow that can crash the appliance.
Why It Matters for TPRM –
- Unpatched firewalls expose the entire corporate network to lateral movement and data exfiltration.
- The flaws affect a wide range of industries that rely on SonicWall as a perimeter defense, raising supply‑chain risk for any third party that hosts services behind, or connects through, these devices.
- The high‑severity CVE (CVSS 8.0) demonstrates that even mature vendors can have critical bugs; continuous monitoring of vendor patch cycles is essential.
Who Is Affected – Organizations that deploy SonicWall firewalls (financial services, healthcare, retail, manufacturing, government, and most mid‑size enterprises).
Recommended Actions –
- Deploy the SonicOS patches immediately for all affected firmware versions.
- Until patches can be applied, disable HTTP/HTTPS management and SSL‑VPN on all interfaces; restrict management access to SSH only.
- Verify that the firewall firmware version matches the patched releases (6.5.5.2‑28n, 7.3.2‑7010, 8.2.0‑8009 or later).
- Update your third‑party risk inventory to reflect the new patch status and re‑assess the vendor’s security posture.
Technical Notes –
- CVE‑2026‑0204: Improper access‑control bug (CVSS 8.0) that may expose management functions under specific conditions.
- CVE‑2026‑0205: Post‑authentication path‑traversal (CVSS 6.8) enabling interaction with restricted services.
- CVE‑2026‑0206: Post‑authentication stack‑based buffer overflow (CVSS 6.8) that can crash the firewall.
- Affected firmware: up to 6.5.5.1‑6n, 7.0.1‑5169, 7.3.1‑7013, 8.1.0‑8017. Patched versions are 6.5.5.2‑28n, 7.3.2‑7010, 8.2.0‑8009.
- No public evidence of exploitation in the wild at time of publication.
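The firmware verification step above can be automated against a device inventory. The following script is an added example, not SonicWall's or SecurityAffairs' code: it parses SonicOS version strings of the form shown in this advisory (dotted release, dash, build number, optional letter suffix) and compares each device against the patched release for its generation. The hostnames are placeholders; the version strings and the assumption that the trailing "n" on Gen 6 builds does not affect ordering are the only inputs beyond what the advisory lists.

```python
import re
from typing import Optional, Tuple

# Patched SonicOS releases per generation, as listed in the advisory above.
# Gen 6 builds carry a trailing "n"; the letter is parsed but not compared (assumption).
PATCHED_MINIMUM = {6: "6.5.5.2-28n", 7: "7.3.2-7010", 8: "8.2.0-8009"}

# dotted release, a dash, numeric build, optional letter suffix (e.g. 6.5.5.2-28n)
_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)-(\d+)([a-z]*)$")


def parse_sonicos_version(version: str) -> Tuple[Tuple[int, ...], str]:
    """'6.5.5.2-28n' -> ((6, 5, 5, 2, 28), 'n'); release and build compare numerically."""
    m = _VERSION_RE.match(version.strip().lower())
    if not m:
        raise ValueError(f"unrecognised SonicOS version string: {version!r}")
    release, build, suffix = m.groups()
    return tuple(int(p) for p in release.split(".")) + (int(build),), suffix


def is_patched(version: str) -> Optional[bool]:
    """True if at/above the patched release for its generation, False if still
    vulnerable, None if the generation is not covered by this advisory."""
    parsed, _ = parse_sonicos_version(version)
    minimum = PATCHED_MINIMUM.get(parsed[0])  # first component is the generation
    if minimum is None:
        return None
    return parsed >= parse_sonicos_version(minimum)[0]


def triage_inventory(devices):
    """Group (hostname, version) pairs into patched / vulnerable / unknown."""
    buckets = {"patched": [], "vulnerable": [], "unknown": []}
    for host, version in devices:
        status = is_patched(version)
        key = "unknown" if status is None else ("patched" if status else "vulnerable")
        buckets[key].append(host)
    return buckets


if __name__ == "__main__":
    # Constructed sample inventory: hostnames are placeholders, versions from the advisory.
    sample = [("fw-branch-01", "6.5.5.1-6n"), ("fw-dc-01", "7.0.1-5169"),
              ("fw-dc-02", "7.3.2-7010"), ("fw-edge-01", "8.1.0-8017"),
              ("fw-edge-02", "8.2.0-8009"), ("fw-lab-01", "5.9.1-1000")]
    for status, hosts in triage_inventory(sample).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```

Note that a Gen 7 device on the 7.0.1 branch is reported as vulnerable because the advisory names 7.3.2‑7010 as the only patched Gen 7 release; devices on generations outside 6 to 8 land in "unknown" rather than being silently treated as safe.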
Source: SecurityAffairs – SonicWall patches three SonicOS flaws in Gen 6, 7 and 8 firewalls. Patch them now