Critical vulnerability CVE-2023-0656 in SonicWall firewalls

[German]SonicWall has issued a security alert SNWLID-2023-0004 as of March 2, 2023. Several applications are at risk from critical vulnerability CVE-2023-0656. A stack-based buffer overflow vulnerability in SonicOS allows an unauthenticated attacker to remotely cause a denial of service (DoS) that can crash an affected firewall.

Blog reader Adrian alerted me to Mastodon about this vulnerability, which was rated with a CVSS of 7.5 (High) (thanks for that). The following products are affected by the stack-based buffer overflow vulnerability , which can allow a remote attacker to launch a Denial of Service (DoS) attack without authentication and can crash an affected firewall.

The above vulnerability only affects the web management interface, the SonicOS SSLVPN interface is not affected. The SonicWall Gen6 and Gen 6.5 firewalls are probably not affected by this vulnerability. The vendor is not aware of any active exploitation of the vulnerability. No PoC reports have been published and malicious exploitation of this vulnerability has not been reported to SonicWall.

SonicWall strongly advises organizations using the affected SonicWall firewalls listed above to follow the guidance provided.

• Until the provided patches can be applied, SonicWall PSIRT strongly recommends that administrators restrict SonicOS management access to trusted sources (and/or disable management access from untrusted Internet sources) by modifying the existing SonicOS management access rules (SSH/HTTPS/HTTP management). This will allow management access only from trusted IP addresses.
• The list of available patches for each product can be found on this web page.

In SonicOS 7.0.1-5111 and later, the vulnerability is closed for certain products. For SonicWall NSsp Firewall NSsp 15700, support should be contacted. There is no security update yet for SonicOS 6.5.4-44v-21-1551 and earlier.