SONICWALL on Wednesday rolled out fixes for three SonicOS vulnerabilities, urging customers to immediately patch their Gen 6, Gen 7, and Gen 8 firewalls, with one high-severity and two medium-severity flaws.
According to SonicWall advisory, the high-severity CVE-2026-0204 could allow attackers to bypass access controls and alter certain management interface functions, while the two medium-severity issues, CVE-2026-0205 and CVE-2026-0206, involve a path traversal weakness and a remote crash vulnerability, respectively.
The vulnerabilities affect dozens of firewalls running firmware versions up to 6.5.5[.]1-6n, 7.0.1-5169, 7.3.1-7013, and 8.1.0-8017, and fixes are included in firmware releases 6.5.5[.]2-28n, 7.3.2-7010, and 8.2.0-8009. Customers are advised to update as soon as possible, or to restrict management access to SSH until patching is possible by disabling HTTP/HTTPS-based management and SSLVPN on all interfaces. Applying the patched firmware as soon as possible is strongly recommended, SonicWall notes.