CyberSec.Space Logo
CVEブラウザに戻る

CVE-2020-5135

Known Exploited (CISA KEV)CRITICAL
9.8
CVSS Severity Score
EPSS Score75.8280%
EPSS Percentile95.10th
Published2020年10月12日
Last Modified2025年10月31日

Vulnerability Description

A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. This vulnerability affected SonicOS Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0.

Affected Platforms (CPE)

💻
Sonicwall

Sonicos

<= 6.0.5.3
💻
Sonicwall

Sonicos

>= 6.5.0.0 and <= 6.5.1.11
💻
Sonicwall

Sonicos

>= 6.5.4.0 and <= 6.5.4.7
💻
Sonicwall

Sonicos

= 7.0.0.0
💻
Sonicwall

Sonicosv

<= 6.5.4.4

References & Advisories

🔗 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0010
🔗 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0010
🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-5135

関連する脆弱性情報

CVE-2019-74759.8

A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user...

CVE-2021-200488.8

A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial...

CVE-2021-200468.8

A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause D...

CVE-2019-74877.8

Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path...