March 29, 2022
SonicWall Patches a Critical SonicOS RCE Vulnerability
SonicWall has released a security advisory addressing a critical vulnerability in SonicOS which may lead to an unauthenticated remote code execution in a wide range of SonicWall firewall products.
- (CVSS 3.0: 9.4, Critical) – A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall.
- TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700, NSa 3700, NSa 4700, NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, NSsp 13700, NSv 270, NSv 470, and NSv 870 – versions 7.0.1-5050, and older.
- NSsp 15700 – versions 7.0.1-R579, and older.
- NSv 10, NSv 25, NSv 50, NSv 100, NSv 200, NSv 300, NSv 400, NSv 800, NSv 1600 – versions 188.8.131.52-44v-21-1452, and older.
CYREBRO recommends updating relevant products according to the ‘fixed software’ section, as presented in the.
Please note that firewall model NSsp 15700 has not yet received an appropriate update. Users of this model are advised to either contact SonicWall service and request a temporary patch, or to apply the methods mentioned in the ‘Workaround’ section below.
Until mitigation can be applied, SonicWall strongly recommends that administrators limit SonicOS management access to trusted IP sources only, by modifying the existing SonicOS Management access rules (SSH/HTTPS/HTTP Management).