Buffer Overflow Vulnerability in SonicWall's SonicOS Management
CVE-2024-12803

7.2HIGH

Key Information:

Vendor: Sonicwall
Status: Sonicos
Vendor: CVE Published:; 9 January 2025

Summary

A stack-based buffer overflow vulnerability in the management interface of SonicWall's SonicOS has been identified, which allows remote authenticated attackers to cause a denial of service on the firewall. Exploiting this vulnerability could potentially enable attackers to execute arbitrary code, compromising network security and stability.

Affected Version(s)

SonicOS Gen6 Hardware 6.5.4.15-117n and older versions

SonicOS Gen6 Hardware 7.0.1-5161 and older version

SonicOS Gen6 Hardware 7.1.2-7019

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-202...

vendor-advisory

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 9, 2025
Vulnerability Reserved
Dec 19, 2024

Credit

Catalpa of DBappSecurity Co. Ltd.