Patch for Sonic Firewall vulnerability CVE-2022-22274 – not for all products

Another small addendum from the end of March 2022. There is a vulnerability (CVE-2022-22274) in SonicOS, the operating system for Sonic firewalls, which allows DoS attacks. The manufacturer has now also developed and released an update to close the vulnerability. However, it looks like this update is not offered for all products.



I came across this issue a few days ago via the following tweet, which is explained by the colleagues at Bleeping Computer here.

Tweet: Sonic Firewall patch for CVE-2022-22274

The vulnerability CVE-2022-22274 was found in SonicOS, as you can read on the linked page. It is a stack buffer overflow that allows a remote attacker to cause a Denial of Service (DoS) via HTTP requests, or possibly to execute code on the firewall. The vulnerability has received a CVSS score of 9.4 and is therefore considered critical.

This vulnerability only affects the web management interface; the SonicOS SSLVPN interface is not affected. SonicWall PSIRT is not aware of any active exploitation of the vulnerability. Also, no PoC reports have been published, and malicious exploitation of this vulnerability has not been reported to SonicWall, the March 25, 2022 advisory states. SonicWall strongly advises organizations using the affected SonicWall firewalls listed in this SonicWall document to follow the guidance provided.

Impacted Platforms / Impacted Version

TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700, NSa 3700, NSa 4700, NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, NSsp 13700, NSv 270, NSv 470, NSv 870
    Impacted version: 7.0.1-5050 and older

NSsp 15700
    Impacted version: 7.0.1-R579 and older

NSv 10, NSv 25, NSv 50, NSv 100, NSv 200, NSv 300, NSv 400, NSv 800, NSv 1600
    Impacted version: 6.5.4.4-44v-21-1452 and earlier

The vendor offers firmware updates for affected products to close the vulnerability, according to this advisory. However, there is no update for the NSsp 15700 yet; administrators of that platform should continue with SonicWall's suggested measures (see also this article) to temporarily mitigate CVE-2022-22274 and avoid exploitation. Alternatively, one can contact SonicWall's support team for a hotfix firmware (7.0.1-5030-HF-R844). SonicWall expects an official firmware release with the required patches for the NSsp 15700 to be available in mid-April 2022.

