SonicWall Gen6‑8 flaws patched
- SonicWall published emergency fixes on April 29 for three SonicOS flaws affecting Gen 6, Gen 7, and Gen 8 firewalls.
- The biggest bug, CVE-2026-0204, can bypass access controls in management functions; patched builds are 6.5.5.2-28n, 7.3.2-7010, and 8.2.0-8009.
- No active exploitation is confirmed yet, but internet-facing management and SSL VPN make delayed patching a real risk.

Firewalls are supposed to be the thing that stands between your network and everyone else. So when the firewall itself has bugs that let someone slip past access controls or knock the box over, that is a bad day. That is the situation SonicWall is dealing with right now. On April 29, 2026, the company pushed fixes for three SonicOS vulnerabilities affecting Gen 6, Gen 7, and Gen 8 appliances, and the guidance is pretty direct — patch fast. (sonicwall.com)

### What actually broke?

Three separate flaws landed in the advisory. The headline one is CVE-2026-0204, a high-severity bug that can let an attacker bypass access controls and reach certain management-interface functions. In plain English, that mea(sonicwall.com) protections. The other two, CVE-2026-0205 and CVE-2026-0206, are medium-severity issues tied to path traversal and remote crashing. (securityweek.com)

### Why is the management plane the scary part?

Because the management plane is the control room. If a bug lives there, the attacker is not just poking at traffic passing through the firewall — the attacker is going after the dashboard that defines the rules. That is the difference betwee(securityweek.com)onfigurations and disable security protections, which is exactly the kind of outcome admins worry about most. (securityweek.com)

### Can these bugs be hit remotely?

One of them can crash the device remotely, but there is an important catch. SonicWall says the two medium-severity flaws require authentication for exploitation. The high-severity access-control bug is framed around an attacker having access to the mana(securityweek.com)d not make anyone relax — exposed management interfaces and SSL VPN are common enough that “requires access” is not the comfort phrase people want it to be. (sonicwall.com)

### Which versions are affected?

The affected range is broad. SecurityWeek’s summary says impacted devices include firmware up to 6.5.5.1-6n on Gen 6, 7.0.1-5169 and 7.3.1-7013 on Gen 7, and 8.1.0-8017 on Gen 8. SonicWall’s fix matrix points admins to patched releases 6.5.5.2-28n, 7.3.2-7010, and 8.2.0-8009. That is the upgrade target. (sonicwall.com)

### What should admins do first?

Patch first if you can. SonicWall says the firmware is available now, and Gen 6 builds were posted to MySonicWall on April 29. If auto-update is enabled, the company says those systems will be remediated automatically through the update service. If not, admins need to pull the new firmware manually and install it. (sonicwall.com)

### What if patching has to wait?

Then the temporary fallback is to shrink the attack surface hard. SonicWall says to disable HTTP and HTTPS firewall management on all interfaces, disable SSL VPN on all interfaces, and restrict management access to (sonicwall.com)is a stopgap, not a substitute for upgrading. (sonicwall.com)

### Are these being exploited already?

Right now, SonicWall has not said these three bugs are being exploited in the wild. That matters, but only up to a point. Firewall flaws tend to move quickly from advisory to scanning once patch details are pub(sonicwall.com)s kind of notice gets treated like an urgent maintenance job, not a backlog item. (securityweek.com)

### Bottom line

This is a straightforward patch-now story. If you run SonicWall Gen 6, 7, or 8 firewalls, move to 6.5.5.2-28n, 7.3.2-7010, or 8.2.0-8009, and lock down management access until that is done. The news is not that attackers have already burned these bugs at scale. The news is that the firewall’s own control room had holes in it — and SonicWall just handed admins the fix. (sonicwall.com)
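
For a fleet inventory, the patched builds above can be turned into a quick triage check. This is an added example, not SonicWall's or the article's code; it assumes releases order by dotted version first and build number second, flags anything below the patched build for its generation, and uses made-up device names.

```python
import re

# Patched builds named in the article, keyed by SonicOS major version.
PATCHED = {6: "6.5.5.2-28n", 7: "7.3.2-7010", 8: "8.2.0-8009"}

_VERSION = re.compile(r"(\d+(?:\.\d+)+)-(\d+)[A-Za-z]*")


def parse_version(text):
    """Return ((dotted ints...), build) or None if no version token is found."""
    match = _VERSION.search(text)
    if match is None:
        return None
    dotted = tuple(int(part) for part in match.group(1).split("."))
    return dotted, int(match.group(2))


def needs_upgrade(version_text):
    """True/False against the patched build for that generation, None if unknown.

    Assumption: releases order by dotted version first and build number second.
    Comparing build numbers alone would misjudge 7.3.1-7013 vs 7.3.2-7010.
    """
    parsed = parse_version(version_text)
    if parsed is None or parsed[0][0] not in PATCHED:
        return None
    return parsed < parse_version(PATCHED[parsed[0][0]])


def triage(inventory):
    """Map each device name to 'patched', 'upgrade to <build>' or 'check manually'."""
    report = {}
    for name, version_text in inventory.items():
        verdict = needs_upgrade(version_text)
        if verdict is None:
            report[name] = "check manually"
        elif verdict:
            major = parse_version(version_text)[0][0]
            report[name] = "upgrade to " + PATCHED[major]
        else:
            report[name] = "patched"
    return report


if __name__ == "__main__":
    # Constructed inventory; device names are made up, versions come from the article.
    sample = {"hq-fw": "7.3.1-7013", "branch-fw": "6.5.5.2-28n", "lab-fw": "8.1.0-8017"}
    for device, status in triage(sample).items():
        print(device, status)
```

Devices reported as "check manually" have a version string the script could not parse or a generation the article does not cover.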