SonicWall Patches Critical Vulnerability in the Web Management Interface of Firewall Appliances

SonicWall has released patches for a critical-severity vulnerability in the web administration interface of numerous firewall appliances.

The vulnerability, tracked as CVE-2022-22274 (CVSS 9.4), is a stack-based buffer overflow in SonicOS.

A remote, unauthenticated attacker can trigger the flaw with crafted HTTP requests to cause a denial of service (DoS) or potentially execute code on the firewall.

Over 30 SonicWall appliances running software versions 7.0.1-5050 and older, 7.0.1-R579 and older, and 6.5.4.4-44v-21-1452 and earlier are affected by the vulnerability.

SonicWall has released software versions 7.0.1-5051 and 6.5.4.4-44v-21-1519 to fix the problem. A patched firmware release for the NSsp 15700 firewall will be available in mid-April, according to the company.
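An added inventory check, not part of the article or of SonicWall's own tooling, that applies the version thresholds quoted above to a constructed list of appliance firmware strings. It assumes that the "-R" builds of 7.0.1 form a separate release train from the numeric builds and that the last dash-separated token of a SonicOS version string is its build number.

```python
import re

# Thresholds from the article: (highest affected build, first fixed build).
# None means the article names no fixed build for that release train.
AFFECTED = {
    ("7.0.1", "num"): (5050, 5051),    # 7.0.1-5050 and older; fixed in 7.0.1-5051
    ("7.0.1", "R"): (579, None),       # 7.0.1-R579 and older
    ("6.5.4.4", "num"): (1452, 1519),  # 6.5.4.4-44v-21-1452 and earlier; fixed in ...-1519
}
# Support-provided hotfix build for the NSsp 15700 named in the article.
HOTFIXES = {"7.0.1-5030-HF-R844"}

_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)+)-(.+)$")


def parse_version(version):
    """Split a SonicOS version string into (base, series, build).

    Assumption: the final dash-separated token is the build number, e.g.
    '1452' in '6.5.4.4-44v-21-1452'; an 'R' prefix marks the R release train.
    """
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised SonicOS version: {version!r}")
    base, tail = m.groups()
    last = tail.split("-")[-1]
    if last.startswith("R"):
        return base, "R", int(last[1:])
    return base, "num", int(last)


def assessment(version):
    """Classify one firmware string against the CVE-2022-22274 thresholds."""
    if version.strip() in HOTFIXES:
        return "patched (hotfix)"
    base, series, build = parse_version(version)
    entry = AFFECTED.get((base, series))
    if entry is None:
        return "unknown"  # release train not covered by the article
    last_affected, first_fixed = entry
    if build <= last_affected:
        return "vulnerable"
    if first_fixed is not None and build >= first_fixed:
        return "patched"
    return "unknown"


def audit(inventory):
    """Map each appliance name to its assessment; inventory is {name: version}."""
    return {name: assessment(ver) for name, ver in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory, not real device data.
    for name, verdict in audit({"fw-edge-1": "7.0.1-5050", "fw-edge-2": "7.0.1-5051",
                                "fw-dc-1": "6.5.4.4-44v-21-1452", "nssp-core": "7.0.1-5030-HF-R844"}).items():
        print(f"{name}: {verdict}")
```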

Customers who cannot apply the updates right away can mitigate the issue by limiting SonicOS administration access to trusted IP addresses. This is done by changing the SonicOS management access rules (SSH/HTTPS/HTTP Management) so that only those addresses may reach the management interface.

“Continue with the temporary mitigation to avoid exploitation for NSsp 15700, or contact the SonicWall support team for a hotfix firmware (7.0.1-5030-HF-R844). An official firmware release with essential patches for the NSsp15700 is expected to be available in mid-April 2022,” according to SonicWall.

SonicWall claims that it is unaware of this vulnerability being actively exploited in the wild, and that no proof-of-concept (PoC) code aimed at the flaw is publicly available.

Jennifer Thomas
Jennifer Thomas is the Co-founder and Chief Business Development Officer at Cybers Guards. Prior to that, she was responsible for leading its Cyber Security Practice and Cyber Security Operations Center, which provided managed security services.