CVE-2020-5135: SonicOS Buffer Overflow Vulnerability Alert
On October 16, 2020, SonicWALL officially released a risk notice for SonicOS. The vulnerability level is critical. The vulnerability score is 9.4. There is a buffer overflow vulnerability (CVE-2020-5135) in SonicOS. Remote attackers can use this vulnerability to send malicious requests to the firewall, eventually leading to a denial of service (DoS) attack and potentially executing arbitrary code.
Affected version
- SonicOS 6.5.4.6-79n and earlier
- SonicOS 6.5.1.11-4n and earlier
- SonicOS 6.0.5.3-93o and earlier
- SonicOSv 6.5.4.4-44v-21-794 and earlier
- SonicOS 7.0.0.0-1
Unaffected version
- SonicOS 6.5.4.7-83n
- SonicOS 6.5.1.12-1n
- SonicOS 6.0.5.3-94o
- SonicOS 6.5.4.v-21s-987
- Gen 7 7.0.0.0-2 and onwards
Solution
In this regard, we recommend that users upgrade Sonic OS to the latest version in time.
