A critical RCE vulnerability affects SonicWall Firewall appliances

SonicWall released security updates to address a remote code execution vulnerability that affects multiple firewall appliances.

SonicWall has released security updates to address a critical vulnerability (CVE-2022-22274) that impacts multiple firewall appliances that could be exploited by an unauthenticated, remote attacker to execute arbitrary code and trigger a denial-of-service (DoS) condition.

The CVE-2022-22274 is a stack-based buffer overflow vulnerability in SonicOS, it was discovered by the security researcher ZiTong Wang from Hatlab.

“A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall.” reads the advisory published by SonicWall.

SonicWall PSIRT revealed that it is not aware of attacks in the wild exploiting this vulnerability.

“SonicWall PSIRT is not aware of active exploitation in the wild. No reports of a PoC have been made public and malicious use of this vulnerability has not been reported to SonicWall.” continues the advisory.

The vulnerability impacts 31 different Firewall devices running versions 7.0.1-5050 and earlier, 7.0.1-R579 and earlier, and 6.5.4.4-44v-21-1452 and earlier.

The company urges its customers that are using vulnerable appliances to apply the available patches as soon as possible, it also recommends administrators to limit SonicOS management access to trusted source IP addresses by modifying the existing SonicOS management access rules.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Firewall)

[adrotate banner=”5″]

[adrotate banner=”13″]