A critical SonicOS vulnerability affecting SonicWall firewall appliances is actively being monitored. Currently, this vulnerability impacts 31 different SonicWall Firewall devices running the following versions:
- 7.0.1-5050 and earlier
- 7.0.1-R579 and earlier
- 6.5.4.4-44v-21-1452 and earlier
Important: SonicWall’s Product Security Incident Response Team (PSIRT) states that there is no evidence that this vulnerability has been made public or is being exploited in the wild. Further, note that the vulnerability only impacts the SonicOS web management interface. The SonicOS SSLVPN interface is not impacted.
Tracked as CVE-2022-22274, the issue is described as a stack-based buffer overflow vulnerability in the SonicOS that could allow a remote, unauthenticated attacker to cause a Denial of Service (DoS) via HTTP request. This vulnerability could also allow remote code execution (RCE) in the firewall. SonicWall has released a security notice urging users to apply the ‘fixed version’ patch applicable to their affected product immediately.
If you are unable to patch immediately, SonicWall strongly recommends that administrators limit SonicOS management access to trusted sources (and/or disable management access from untrusted internet sources) by modifying the existing SonicOS management access rules (SSH/HTTPS/HTTP). This will only allow management access from trusted source IP addresses. Refer to their documentation for more instructions:
- Suggested tips when allowing access to SonicWall web management
- How to restrict Admin access to the device
Pegasus Web Security provides an extra layer of security to help protect your business from cyberattacks. We understand the importance of protecting your business and its information, which is why we offer a variety of services to fit your needs. To learn more about what we do and how we can help keep you protected, visit our website or contact us today.
