Heap-based Buffer Overflow Vulnerability in SonicWall SMA100 SSLVPN
CVE-2024-40763

Currently unrated

Key Information:

Vendor: Sonicwall
Status: Sma100
Vendor: CVE Published:; 5 December 2024

Summary

Heap-based buffer overflow vulnerability in the SonicWall SMA100 SSLVPN due to the use of strcpy. This allows remote authenticated attackers to cause Heap-based buffer overflow and potentially lead to code execution.

Affected Version(s)

SMA100 Linux 10.2.1.13-72sv and earlier versions

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-202...

vendor-advisory

Timeline

Vulnerability published
Dec 5, 2024
Vulnerability Reserved
Jul 10, 2024

Credit

Alain Mowat of Orange Cyberdefense, Switzerland.