SonicWall Patches a Critical RCE in Firewall Appliances
Share this:
SonicWall has released security updates to address a critical vulnerability (CVE-2022-22274) is a stack based buffer overflow vulnerability in SonicOS that impacts multiple firewall appliances that could be exploited by an unauthenticated, remote attacker to execute arbitrary code and trigger a DoS condition.
According to the official advisory, the vulnerability is an unauthenticated stack-based buffer overflow issue in SonicOS, rated 9.4 out of 10 on the CVSS scale.
The issue is in the web management interface of SonicOS that could be triggered by sensing a specially crafted HTTP request. If this happens, a remote code execution or denial-of-service condition appears.
There isn’t any indication of active exploitation CVE-2022-22274, SonicWall PSIRT said in the advisory. There are no reports of a PoC (proof-of-concept), and there are no reports of malicious use.
The vulnerability impacts 31 different Firewall devices running versions 7.0.1-5050 and earlier, 7.0.1-R579 and earlier, and 6.5.4.4-44v-21-1452 and earlier.
Sonicwall urges organizations using impacted SonicWall firewalls to limit SonicOS management access to trusted sources. Another option is disabling management access from untrusted internet sources, which could be done by modifying the existing SonicOS Management access rules (SSH/HTTPS/HTTP Management). This workaround should be done until patches are made available.
