Welcome to our NEW support portal! We are now SonicWall, with a dedicated support site. Learn more.

Reporting Security Vulnerablity

Report a Security Vulnerability

A security vulnerability is a flaw or weakness in the design, implementation, operation or management or a product or service that could be exploited to violate the system's security policy.  To protect businesses and organizations worldwide, it is critical that the broader community of IT and security professionals report potential vulnerabilities as soon as they are recognized. This allows industry experts to take appropriate action to resolve any vulnerability that is discovered.

Reporting a SonicWall Security Vulnerability

If you are aware of a potential security vulnerability with any SonicWall Security product or service, we encourage you to contact us immediately using the Security Vulnerability Submission Form below or via email.

Security Vulnerability Submission Form

To report a potential security vulnerability in a SonicWall Security offering, please complete and submit our Vulnerability Reporting Submission Form.

Once the information has been received, a member of the SonicWall Security PSIRT will contact you directly to discuss the report in more detail.

Security Vulnerability Submission via Email

You can also report a potential security vulnerability in a SonicWall Security offering by sending an email to ProductSecurity@sonicwall.com. Please be sure to include as much of the following information as possible.

How SonicWall Security Responds to a Vulnerability Submission

All reported vulnerabilities are investigated by the SonicWall Security PSIRT team. Acknowledgments to reported vulnerabilities should be expected within 24 hours. Throughout the investigation process, SonicWall Security makes every effort to work collaboratively with the incident reporter to investigate the vulnerability, gather required technical information, and to determine an appropriate action plan.

Responsible Disclosure

Notifying a vendor prior to releasing information publicly about a vulnerability is standard practice in the security industry and is known as “responsible disclosure.” This advance notice allows vendors to research and fix vulnerabilities before computer criminals are notified of their existence – keeping the Internet safer for business. We appreciate your assistance in ensuring that SonicWall Security products and services are secure.