Stack-Based Buffer Overflow in SonicWall Firewall
CVE-2023-39279

6.5MEDIUM

Key Information:

Vendor: Sonicwall
Status: Sonicos
Vendor: CVE Published:; 17 October 2023

Summary

SonicWall's SonicOS is susceptible to a stack-based buffer overflow vulnerability found in the getPacketReplayData.json URL endpoint after user authentication. This flaw can result in a crash of the firewall system, potentially disrupting network security functions and exposing systems to further risks. Users and administrators are encouraged to apply the latest patches and monitor their systems for any unusual activities.

Affected Version(s)

SonicOS 7.0.1-5119 and earlier versions

SonicOS 7.0.1-5129 and earlier versions

SonicOS 6.5.4.4-44v-21-2079 and earlier versions

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-202...

vendor-advisory

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 17, 2023
Vulnerability Reserved
Jul 27, 2023