Threat Watch

Share on facebook
Share on twitter
Share on linkedin

SonicWall VPN Vulnerability Could Lead To Remote Code Execution

Researchers with Tripwire’s VERT have identified a buffer-overflow in SonicWall’s Network Security Appliance, allowing for persistent denial of service. This flaw can be triggered using a custom formatted protocol header sent through an unauthenticated HTTP request. The flaw occurs pre-authentication and within a component of SonicWall’s SSLVPN, which is typically exposed to the Internet. Additionally, while a remote code execution exploit is not yet available, TripWire has stated that a RCE is likely feasible.

ANALYST NOTES

SonicWall has released updates to remediate this flaw, however SonicWall also recommends disconnecting SSL VPN portals as a temporary mitigation until the patch is applied. This vulnerability affects the following versions: • SonicOS 6.5.4.7-83n • SonicOS 6.5.1.12-1n • SonicOS 6.0.5.3-94o • SonicOS 6.5.4.v-21s-987 • Gen 7 7.0.0.0-2 and onwards To read more, please see: https://www.tripwire.com/state-of-security/vert/sonicwall-vpn-portal-critical-flaw-cve-2020-5135/

Contact Support

Please complete the form below and a member of our support team will respond as quickly as possible.