Product Notice: Buffer Overflow Vulnerability In SonicOS IPsec

First Published: 07/17/2024 Last Updated: 07/17/2024

Overview

A heap-based buffer overflow vulnerability in SonicOS IPSec allows an unauthenticated remote attacker to cause a Denial of Service (DoS).

Product Impact 

Please review the table below to see if your firewall appliance is impacted. If your appliance is using an impacted firmware version, please follow the provided patch guidance.

| Gen | Impacted Models | Impacted Version |
|---|---|---|
| Gen 6 | NSv 10, NSv 25, NSv 50, NSv 100, NSv 200, NSv 300, NSv 400, NSv 800, NSv 1600 | SonicOSV 6.5.4.4-44v-21-2395 and earlier |
| Gen 7 | TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700, NSa 3700, NSa 4700, NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, NSsp 13700, NSsp 15700, NSv 270, NSv 470, NSv 870 | SonicOS 7.1.1-7051 and earlier, SonicOS 7.0.1-5151 and earlier |


NOTE: Physical firewall appliances using SonicOS 5.x, 6.x and 6.5.x are not impacted.

Workaround 

To minimize potential impact, please restrict inbound IPSec VPN access to trusted sources or disable IPSec VPN access from Internet sources, then apply the patch available at MySonicWall as soon as possible for impacted products. For help with upgrading the firmware, please refer to: How can I upgrade SonicOS Firmware?

Remediation 

Users running a SonicOS version that is impacted by this vulnerability will need to upgrade their impacted models to the versions listed in the table below.

| Gen | Fixed Models | Fixed Version |
|---|---|---|
| Gen 6 | NSv 10, NSv 25, NSv 50, NSv 100, NSv 200, NSv 300, NSv 400, NSv 800, NSv 1600 | SonicOSV 6.5.4.4-44v-21-2457 |
| Gen 7 | TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700, NSa 3700, NSa 4700, NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, NSsp 13700, NSsp 15700, NSv 270, NSv 470, NSv 870 | SonicOS 7.1.1-7058, SonicOS 7.0.1-5161, SonicOS 7.1.2-7019 |


NOTE: If you are already running SonicOS 7.1.1-7058 then you do not require any additional action at this moment.
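
To triage a firewall inventory against the impacted and fixed versions listed in this notice, the following added example (not SonicWall code) classifies each appliance by model and firmware string. It assumes build numbers are only comparable within the same release branch; the function names, status labels and inventory rows are hypothetical, and anything the notice does not list is returned as "review" rather than guessed.

```python
import re

# Thresholds copied from this notice's tables, keyed by release branch:
# (highest impacted build, fixed build). None = no impacted build is listed.
BRANCHES = {
    "6.5.4.4-44v-21": (2395, 2457),  # SonicOSV on Gen 6 NSv
    "7.0.1": (5151, 5161),
    "7.1.1": (7051, 7058),
    "7.1.2": (None, 7019),
}
GEN6_NSV = {f"NSV{n}" for n in (10, 25, 50, 100, 200, 300, 400, 800, 1600)}
GEN7 = {m.upper() for m in (
    "TZ270 TZ270W TZ370 TZ370W TZ470 TZ470W TZ570 TZ570W TZ570P TZ670 "
    "NSa2700 NSa3700 NSa4700 NSa5700 NSa6700 "
    "NSsp10700 NSsp11700 NSsp13700 NSsp15700 NSv270 NSv470 NSv870").split()}

def classify(model: str, firmware: str) -> str:
    """Return 'impacted', 'fixed' or 'review' for one appliance."""
    name = re.sub(r"\s+", "", model).upper()
    if name not in GEN6_NSV | GEN7:
        return "review"  # model is not in the notice's tables
    # Accept "SonicOS 7.1.1-7051" or a bare "7.1.1-7051".
    m = re.fullmatch(r"(?:SonicOSV?\s+)?(.+)-(\d+)", firmware.strip(), re.I)
    if not m or m.group(1) not in BRANCHES:
        return "review"  # unparsable, or a branch the notice does not list
    branch, build = m.group(1), int(m.group(2))
    if (name in GEN6_NSV) != branch.startswith("6."):
        return "review"  # firmware branch does not belong to this model line
    worst, fixed = BRANCHES[branch]
    if build >= fixed:
        return "fixed"
    if worst is not None and build <= worst:
        return "impacted"
    return "review"  # build falls between the listed impacted and fixed builds

# Constructed inventory rows (hostname, model, firmware), not real devices.
INVENTORY = [
    ("fw-branch-01", "TZ470", "SonicOS 7.0.1-5145"),
    ("fw-dc-01", "NSa 4700", "SonicOS 7.1.1-7058"),
    ("fw-cloud-01", "NSv 200", "SonicOSV 6.5.4.4-44v-21-2395"),
    ("fw-lab-01", "NSa 2650", "SonicOS 6.5.4.13-105n"),
]

def triage(rows=INVENTORY):
    """Map each hostname to its classification."""
    return {host: classify(model, fw) for host, model, fw in rows}

if __name__ == "__main__":
    print(*(f"{h}: {s}" for h, s in triage().items()), sep="\n")
```

Appliances reported as "review" need a manual check against the tables above, since the notice gives no verdict for them.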
