"The high-severity flaw, tracked as CVE-2026-0204, allows attackers to bypass access controls and access certain management interface functions, potentially modifying firewall configurations and disabling security protections."
"Tracked as CVE-2026-0205, the first medium-severity issue is a path traversal weakness that could be exploited to interact with restricted services, while CVE-2026-0206 allows remote attackers to crash vulnerable firewalls."
"Both medium-severity vulnerabilities require authentication for successful exploitation, impacting dozens of firewalls running specific firmware versions."
"Applying the patched firmware as soon as possible is strongly recommended, with temporary mitigations suggested to restrict management access until patching is feasible."
SonicWall released fixes for three vulnerabilities in its Gen 6, 7, and 8 firewalls, urging customers to apply firmware updates immediately. One vulnerability, CVE-2026-0204, is rated high severity and allows attackers to bypass access controls. Two medium-severity vulnerabilities, CVE-2026-0205 and CVE-2026-0206, could be exploited to interact with restricted services and crash firewalls, respectively. All three vulnerabilities affect specific firmware versions, and customers are advised to update or restrict management access until patches are applied.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]