SonicWall on Wednesday rolled out fixes for 3 SonicOS vulnerabilities, urging clients to instantly patch their Gen 6, Gen 7, and Gen 8 firewalls.
“These vulnerabilities require rapid firmware updates to keep up security posture. One CVE is rated excessive severity, and two are rated medium severity,” the corporate warned.
The high-severity flaw, tracked as CVE-2026-0204, permits attackers to bypass entry controls and entry sure administration interface capabilities, SonicWall notes in an advisory.
An attacker with entry to the administration interface may doubtlessly modify firewall configurations and disable security protections.
Tracked as CVE-2026-0205, the primary medium-severity subject is a path traversal weak spot that might be exploited to work together with restricted companies.
The second medium-severity defect, tracked as CVE-2026-0206, permits distant attackers to crash susceptible firewalls, the corporate says.
Each medium-severity vulnerabilities require authentication for profitable exploitation.
The three vulnerabilities impression dozens of firewalls working firmware variations as much as 6.5.5.1-6n, 7.0.1-5169, 7.3.1-7013, and eight.1.0-8017.
Fixes had been included in firmware releases 6.5.5.2-28n, 7.3.2-7010, and eight.2.0-8009, and clients are suggested to replace their home equipment as quickly as attainable, or to limit administration entry to SSH solely till patching is feasible, by disabling HTTP/HTTPS-based administration and SSLVPN on all interfaces.
“Making use of the patched firmware as quickly as attainable is strongly really helpful,” SonicWall notes, underlining that administration entry restrictions are momentary mitigations.
The corporate makes no point out of any of those security defects being exploited within the wild.
