October 24, 2020

CVE-2020-5135: SonicOS Buffer Overflow Vulnerability Alert

1 min read
On October 16, 2020, SonicWALL officially released a risk notice for SonicOS. The vulnerability level is critical. The vulnerability score is 9.4. There is a buffer overflow vulnerability (CVE-2020-5135) in SonicOS. Remote attackers can use this vulnerability to send malicious requests to the firewall, eventually leading to a denial of service (DoS) attack and potentially executing arbitrary code.
CVE-2020-5135

Affected version

  • SonicOS 6.5.4.6-79n and earlier
  • SonicOS 6.5.1.11-4n and earlier
  • SonicOS 6.0.5.3-93o and earlier
  • SonicOSv 6.5.4.4-44v-21-794 and earlier
  • SonicOS 7.0.0.0-1

Unaffected version

  • SonicOS 6.5.4.7-83n
  • SonicOS 6.5.1.12-1n
  • SonicOS 6.0.5.3-94o
  • SonicOS 6.5.4.v-21s-987
  • Gen 7 7.0.0.0-2 and onwards

Solution

In this regard, we recommend that users upgrade Sonic OS to the latest version in time.