A critical flaw was found in the operating system, SonicOS, used to support certain SonicWall firewalls. Here's what you need to know.
On March 24 2022, network security company, SonicWall, issued a security advisory about a critical vulnerability (CVE-2022-22274) found in SonicOS, the software that runs SonicWall devices. Exploitation of the vulnerability could lead to a denial-of-service (DoS) attack that would render the device temporarily inoperable or potentially allow for code execution on the firewall. This could result in the compromise of the firewall and facilitate additional attacks.
Quick facts: what you need to know now
- Impacted platforms include TZ, NSa, NSsp, and NSv firewalls running versions 7.0.1-5050 and earlier, 7.0.1-R579 and earlier, and 126.96.36.199-44v-21-1452 and earlier.
- There are no reports of working exploits or active exploitation at this time.
- This vulnerability ONLY impacts the "web management" interface, not the SonicOS SSL VPN.
Next Steps for SonicWall Firewall Customers:
- Assess whether your organization is running an affected version and update to the latest firmware by applying the “Fixed Version” patch to the affected SonicWall products.
- If updates are not possible, limit web management access to only allowed IP addresses.
- Check this article periodically over the next few weeks as we will keep it updated as more information becomes available.
- SonicWall: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0003
- The Hacker News: https://thehackernews.com/2022/03/critical-sonicos-vulnerability-affects.html
If you have any questions, please reach out to the Risk + Response Team at firstname.lastname@example.org!