Vulnerability Details : CVE-2020-5135
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. This vulnerability affected SonicOS Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0.
Vulnerability category: OverflowExecute codeDenial of service
CVE-2020-5135 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
SonicWall SonicOS Buffer Overflow Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall.
Notes:
https://nvd.nist.gov/vuln/detail/CVE-2020-5135
Added on
2022-03-15
Action due date
2022-04-05
Exploit prediction scoring system (EPSS) score for CVE-2020-5135
2.68%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 91 %
Percentile, the proportion of vulnerabilities that are scored at or less