Security Alert (A20-10-03): Vulnerability in SonicWall Products


 

Published on: 15 October 2020

  
  

Description:

SonicWall released a security advisory to address a buffer overflow vulnerability in SonicOS which is the operating system for SonicWall firewalls. A remote attacker could exploit the vulnerability by sending specially crafted HTML requests to an affected system.

 

Affected Systems:

  • SonicOS 6.5.4.7-79n and earlier
  • SonicOS 6.5.1.11-4n and earlier
  • SonicOS 6.0.5.3-93o and earlier
  • SonicOSv 6.5.4.4-44v-21-794 and earlier
  • SonicOS 7.0.0.0-1

 

Impact:

Successful exploitation of the vulnerability could lead to arbitrary code execution or denial of service on an affected system.

 

Recommendation:

Software updates for affected systems are now available. Administrators of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

 

More Information:

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0010/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5135

 



Tag: SonicWall , SonicOS , SonicOSv
Tags