Lucene search

K
thnThe Hacker NewsTHN:B7E123FC40893C2CE9A2FDD0621CFBE7
HistoryMar 30, 2022 - 3:25 a.m.

Critical SonicOS Vulnerability Affects SonicWall Firewall Appliances

2022-03-3003:25:00
The Hacker News
thehackernews.com
61

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

SonicWall Firewall Appliances

SonicWall has released security updates to contain a critical flaw across multiple firewall appliances that could be weaponized by an unauthenticated, remote attacker to execute arbitrary code and cause a denial-of-service (DoS) condition.

Tracked as CVE-2022-22274 (CVSS score: 9.4), the issue has been described as a stack-based buffer overflow in the web management interface of SonicOS that could be triggered by sending a specially crafted HTTP request, leading to remote code execution or DoS.

The flaw impacts 31 different SonicWall Firewall devices running versions 7.0.1-5050 and earlier, 7.0.1-R579 and earlier, and 6.5.4.4-44v-21-1452 and earlier. ZiTong Wang of Hatlab has been credited with reporting the issue.

SonicWall Firewall Appliances

The network security company said it’s not aware of any instance of active exploitation in the wild leveraging the weakness, and that no proof-of-concept (PoC) or malicious use of the vulnerability has been publicly reported to date.

That said, users of the affected appliances are recommended to apply the patches as soon as possible to mitigate potential threats. Until the fixes can be put in place, SonicWall is also recommending customers to limit SonicOS management access to trusted source IP addresses.

The advisory arrives as cybersecurity company Sophos cautioned that a critical authentication bypass vulnerability in its firewall product (CVE-2022-1040, CVSS score: 9.8) has been exploited in active attacks against select organizations in South Asia.

Found this article interesting? Follow THN on Facebook, Twitter and LinkedIn to read more exclusive content we post.

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

Related for THN:B7E123FC40893C2CE9A2FDD0621CFBE7