Critical vulnerability CVE-2023-0656 in SonicWall firewalls

Sicherheit (Pexels, allgemeine Nutzung)[German]SonicWall has issued a security alert SNWLID-2023-0004 as of March 2, 2023. Several applications are at risk from critical vulnerability CVE-2023-0656. A stack-based buffer overflow vulnerability in SonicOS allows an unauthenticated attacker to remotely cause a denial of service (DoS) that can crash an affected firewall.


Advertising

Blog reader Adrian alerted me to Mastodon about this vulnerability, which was rated with a CVSS of 7.5 (High) (thanks for that). The following products are affected by the stack-based buffer overflow vulnerability , which can allow a remote attacker to launch a Denial of Service (DoS) attack without authentication and can crash an affected firewall.

Impacted Platforms Impacted Version
SonicWall FireWalls
TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W,

TZ570, TZ570W, TZ570P, TZ670, NSa 2700, NSa 3700,
NSa 4700, NSa 5700, NSa 6700, NSsp 10700,

NSsp 11700, NSsp 13700, NSv 270, NSv 470, NSv 870

7.0.1-5095 and earlier versions
SonicWall NSsp Firewall NSsp 15700 7.0.1-5083 and earlier versions
SonicWall NSv FireWalls
NSv 10, NSv 25, NSv 50, NSv 100, NSv 200, NSv 300,
NSv 400, NSv 800, NSv 1600
6.5.4.4-44v-21-1551 and earlier versions

The above vulnerability only affects the web management interface, the SonicOS SSLVPN interface is not affected. The SonicWall Gen6 and Gen 6.5 firewalls are probably not affected by this vulnerability. The vendor is not aware of any active exploitation of the vulnerability. No PoC reports have been published and malicious exploitation of this vulnerability has not been reported to SonicWall.

SonicWall strongly advises organizations using the affected SonicWall firewalls listed above to follow the guidance provided.

  • Until the provided patches can be applied, SonicWall PSIRT strongly recommends that administrators restrict SonicOS management access to trusted sources (and/or disable management access from untrusted Internet sources) by modifying the existing SonicOS management access rules (SSH/HTTPS/HTTP management). This will allow management access only from trusted IP addresses.
  • The list of available patches for each product can be found on this web page.

In SonicOS 7.0.1-5111 and later, the vulnerability is closed for certain products. For SonicWall NSsp Firewall NSsp 15700, support should be contacted. There is no security update yet for SonicOS 6.5.4-44v-21-1551 and earlier.


Advertising

This entry was posted in Security, Software, Update and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).