SonicWall Patches Three SonicOS Flaws in Gen 6, 7 and 8 Firewalls. Patch Them Now

The discovery of three critical SonicOS flaws underscores a broader trend: firewalls, once considered the final line of defense, are increasingly targeted by sophisticated attackers. As organizations migrate workloads to hybrid clouds, the reliance on perimeter devices grows, making any weakness a potential gateway to internal networks. Historically, vulnerabilities in network appliances have been exploited for lateral movement, data exfiltration, or ransomware deployment, prompting vendors to accelerate patch cycles and customers to prioritize firmware hygiene.

CVE‑2026‑0204, rated 8.0 on the CVSS scale, exploits an improper access‑control bug that can expose management functions to unauthenticated users under specific conditions. The companion issues, CVE‑2026‑0205 and CVE‑2026‑0206, each carry a 6.8 score and enable post‑authentication path traversal and a stack‑based buffer overflow, respectively. While no public exploits have been observed, the attack vectors are well‑known in the security community, meaning threat actors could develop tools quickly. SonicWall’s advisory recommends immediate patching for firmware up to 6.5.5.2‑28n, 7.3.2‑7010 and 8.2.0‑8009, and, where patching lags, a temporary hardening step: disable HTTP/HTTPS management and SSL‑VPN, limiting access to SSH only.

For enterprises, the incident is a reminder that patch management must be a continuous, automated process rather than an ad‑hoc response. Integrating vulnerability scanners with change‑control workflows can surface at‑risk devices before attackers do. Moreover, adopting a defense‑in‑depth strategy—such as network segmentation, multi‑factor authentication for admin portals, and regular configuration audits—reduces the blast radius if a firewall is compromised. By treating firmware updates as critical as operating‑system patches, organizations can maintain the integrity of their security perimeter and avoid costly breach remediation.