Sonicwall reports a highly dangerous vulnerability in its firewall operating system SonicOS: A stack-based buffer overflow allows remote attackers with a Denial of Service (DoS) to crash the affected firewall.
Sonicwall is required to report a dangerous vulnerability in SonicOC with a rating of 7,5 High. CVE-2023-0656 describes the dangerous issue: "The stack-based buffer overflow vulnerability in SonicOS allows a remote, unauthenticated attacker to trigger Denial of Service (DoS), which could lead to an affected firewall crashing." However, Sonicwall states that the vulnerability has not yet been actively exploited. But as we all know, it's only a matter of time.
Web management interface affected
Sonicwall further states that the vulnerability only affects the web management interface. Access via the SonicOS SSLVPN interface is not affected. However, it is recommended that the vulnerability be patched or access restricted immediately: "Until the following patches can be applied, SonicWall PSIRT strongly recommends administrators to restrict SonicOS management access to trusted sources (and/or management access from untrusted Internet sources to disable) by modifying the existing SonicOS management access rules (SSH/HTTPS/HTTP management). This allows management access only from trusted source IP addresses.”
Some patches are not yet available
Sonicwall recommends Gen6 NSv with the temporary access restriction to avoid exploitation. An official firmware release with the necessary patches for Gen2023 NSv is expected to be available by mid-March 6.
Patch 7.0.1-5111 is intended to be used on these affected devices: TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700, NSa 3700, NSa 4700, NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, NSsp 13700, NSv 270, NSv 470, NSv 870.
For NSsp 15700 you should contact support and for NSv 10, NSv 25, NSv 50, NSv 100, NSv 200, NSv 300, NSv 400, NSv 800, NSv 1600 you should use access restrictions.
More at SonicWall.com
About SonicWall SonicWall provides limitless cybersecurity for an extremely decentralized work environment where everyone is remote, mobile and potentially at risk. Thanks to SonicWall, companies that have to find their way in a changing world of work benefit from seamless protection against highly developed threats that attack their network via countless points of attack and increasingly mobile and cloud-based employees. With the identification of unknown threats, advanced real-time monitoring functions and outstanding cost-effectiveness, SonicWall is helping companies, government agencies and SMBs around the world to close the cybersecurity gap.