CyberSec.Space Logo
Back to CVE Browser

CVE-2020-5135

Known Exploited (CISA KEV)CRITICAL
9.8
CVSS Severity Score
EPSS Score75.8280%
EPSS Percentile95.10th
PublishedOct 12, 2020
Last ModifiedOct 31, 2025

Vulnerability Description

A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. This vulnerability affected SonicOS Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0.

Affected Platforms (CPE)

πŸ’»
Sonicwall

Sonicos

<= 6.0.5.3
πŸ’»
Sonicwall

Sonicos

>= 6.5.0.0 and <= 6.5.1.11
πŸ’»
Sonicwall

Sonicos

>= 6.5.4.0 and <= 6.5.4.7
πŸ’»
Sonicwall

Sonicos

= 7.0.0.0
πŸ’»
Sonicwall

Sonicosv

<= 6.5.4.4

References & Advisories

πŸ”— https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0010
πŸ”— https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0010
πŸ”— https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-5135

Related Vulnerabilities

CVE-2019-74759.8

A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user...

CVE-2021-200488.8

A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial...

CVE-2021-200468.8

A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause D...

CVE-2019-74877.8

Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path...