www.belgium.be Logo of the federal government

Warning - A BUFFER OVERFLOW VULNERABILITY IN SONICOS COULD LEAD TO DENIAL OF SERVICE (DOS) ATTACK

Reference: 
Advisory #2023-24
Version: 
1.0
Affected software: 
SonicWall FireWalls 7.0.1-5095 and earlier
SonicWall NSsp Firewall 7.0.1-5083 and earlier
SonicWall NSv Firewalls 6.5.4.4-44v-21-1551 and earlier
Type: 
Unauthenticated stack-based buffer overflow
CVE/CVSS: 

CVE: CVE-2023-0656
CVSS: 7.5

Sources

Security Advisory (sonicwall.com)
NVD - CVE-2023-0656 (nist.gov)

 

Risks

Successful exploitation of CVE-2023-0656 can allow an unauthenticated attacker to cause a Denial-of-Service (DoS) attack and crash impacted firewalls.

Description

A stack-based buffer overflow vulnerability in the SonicOS software can lead to a DoS attack. This impacts only the web management interface. The SonicOS SSLVPN interface is not affected. The vendor has provided a table with the products and the specific impacted platforms and versions affected. 

As of this moment there are no known proof-of-concept (PoC) and exploitation attempts, but the publication of the vulnerability is recent.

Recommended Actions

The CCB recommends following actions depending on the product:

  • For SonicWall FireWalls an upgrade to version 7.0.1-5111 and higher is recommended.
  • For the other products affected (or if an upgrade for the product mentioned above is not possible), restricting management access to trusted sources by modifying SonicOS Management access rules (SSH/HTTPS/HTTP Management) is advised. More info can be found here.