SonicWall patches 11 firewall vulnerabilities

Firewall builder SonicWall has patched a total of 11 Common Vulnerabilities and Exposures (CVEs) disclosed to the SonicOS operating system by researchers at Positive Technologies, one of which was assigned a critical CVSS score of 9.4.

The most serious vulnerability, CVE-2020-5135, is a buffer overflow vulnerability in SonicOS Gen 6, version,,, and SonicOS v6.5.4.v. A malicious attacker could use it against an affected product to cause a denial of service (DoS) and execute arbitrary code.

“The tested solution uses SSL-VPN remote access services in the firewall, and in the event of a DoS attack, users can be disconnected from the internal network and workstations,” said Tripwire’s Craig Young. Nikita Abramov, a researcher at Positive Technologies, who worked on the disclosure to. ..

“If an attacker manages to execute arbitrary code, it could launch an attack and break into the company’s internal network,” Abramov said.

The second vulnerability, CVE-2020-5133, is rated 8.2 in the CVSS matrix and could allow an unauthenticated remote attacker to trigger a DoS attack with a buffer overflow, causing a firewall crash. .. Further failures of SonicOS can also be caused by successful exploitation of CVE 2020-5137, 5138, 5139, and 5140, all remotely exploitable, and CVE 2020-5134 and 5136, which are not serious enough to exploit them. ..

According to Positive Technologies, additional vulnerabilities detected include CVE-2020-5141, which allows unauthenticated remote attackers to brute force virtual assist ticket IDs with SSL-VPN services. There is sex. CVE-2020-5142, Cross-Site Scripting (XSS) vulnerability. This allows an unauthenticated remote attacker to execute arbitrary JavaScript code on the firewall’s SSL-VPN portal. CVE-2020-5143 resides on the SonicOS SSL-VPN login page and could allow an unauthenticated remote attacker to perform firewall admin administrator username enumeration based on server response. ..

SonicWall, behind one-fifth of gateway security appliances according to IDC statistics, said it was unaware of the addressed vulnerabilities that were previously actively exploited by cybercriminals.

Customers using affected products are advised to upgrade their firmware. No valid support contract is required.

“This is a modern vendor-researcher collaboration best practice,” said Aria Eslambolchizadeh, Head of Quality Engineering at SonicWall.

“These types of open and transparent relationships protect the integrity of your online landscape and, as in this case, protect you from advanced threats and new vulnerabilities before they affect your end users. To strengthen. “

A complete list of disclosed vulnerabilities is available at SonicWall. There are also instructions and guidance on how to update risky products.

SonicWall patches 11 firewall vulnerabilities

Source link SonicWall patches 11 firewall vulnerabilities

Back to top button