Table of Contents
  • Home
  • /
  • Blog
  • /
  • How To Fix CVE-2022-22274- A Critical Buffer Overflow Vulnerability In SonicOS (SonicWall Firewall)
March 30, 2022
|
6m

How To Fix CVE-2022-22274- A Critical Buffer Overflow Vulnerability In SonicOS (SonicWall Firewall)


How To Fix Cve 2022 22274 A Critical Buffer Overflow Vulnerability In Sonicos

SonicWall has published an advisory about a critical buffer overflow vulnerability in SonicOS, a default operating system developed for SonicWall firewall products. The flaw tracked under CVE-2022-22274 has a score of 9.4 (Critical) as per the CVSSv3 scoring system. The flaw allows remote unauthenticated attackers to perform Denial of Service (DoS) and Remote Code Execution attacks on the vulnerable versions of firewalls. We recommend that users of SonicWall products read this post about How to Fix CVE-2022-22274- A Critical Buffer Overflow Vulnerability in SonicOS.

Summary Of CVE-2022-22274- A Critical Buffer Overflow Vulnerability In SonicOS:

The advisory says that this is a stack-based buffer overflow vulnerability in the web-based management interface of SonicOS. Attackers could exploit this flaw just by sending a specially crafted HTTP request to the web management interface and carrying out attacks like Denial of Service (DoS) and Remote Code Execution on the vulnerable versions of SonicOS.

SonicWall also confirmed that this vulnerability impacts only the web interface of the OS. The SSLVPN interface is still safe from the flaw. Moreover, the team also stated that there is no active exploitation seen so far that the PoC is not made public. Lets see the summary of the attack vector in the below table.

Associated CVE IDCVE-2022-22274
DescriptionA Stack-based buffer overflow vulnerability in the SonicOS that allows a remote unauthenticated attacker to perform RCE and DoS attacks on victims.
Associated ZDI ID
CVSS Score9.4 Critical
VectorCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Impact Score
Exploitability Score
Attack Vector (AV)Network
Attack Complexity (AC)Low
Privilege Required (PR)None
User Interaction (UI)None
ScopeUnchanged
Confidentiality (C)Low
Integrity (I)High
availability (a)High

SonicWall Products Affected By The CVE-2022-22274 Vulnerability:

The vulnerability affects 31 different SonicWall products that run SonicOS v7.0.1-5050 and earlier. 7.0.1-R579 and earlier, and 6.5.4.4-44v-21-1452 and earlier. Please have the comprehensive information in the below table.

Impacted VersionImpacted Platforms

7.0.1-5050 and older
TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700, NSa 3700, NSa 4700, NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, NSsp 13700, NSv 270, NSv 470, NSv 870
7.0.1-R579 and olderNSsp 15700
6.5.4.4-44v-21-1452 and earlierNSv 10, NSv 25, NSv 50, NSv 100, NSv 200, NSv 300, NSv 400, NSv 800, NSv 1600

List Of SonicWall Products Not Affected By CVE-2022-22274:

Firewall GenerationsPlatforms Not Impacted


SonicWall Gen5 Firewalls
SOHO, TZ100, TZ100W, TZ105, TZ105W, TZ200,TZ200W, TZ205, TZ205W, TZ210, TZ210W, TZ215,TZ215W, NSA220, NSA220W, NSA240, NSA2400, NSA2400MX, NSA250M, NSA250MW, NSA3500, NSA4500, NSA5000, NSAE5500, NSAE6500, NSAE7500, NSAE8500, NSAE8510


SonicWall Gen6 Firewalls
SOHOW, SOHO 250, SOHO 250W, TZ300, TZ300P, TZ300W, TZ350, TZ350W, TZ400, TZ400W, TZ500,  TZ500W, TZ600, TZ600P , NSA 2600, NSA3600, NSA4600, NSA5600, NSA6600, SM9200, SM9400, SM9600, SM9800, SM10200, SM10400, SM10800, NSsp12400, NSsp12800
SonicWall Gen 6.5 FirewallsNSa 2650, NSa3650, NSa4650, NSa5650,NSa6650, NSa9250, NSa9450, NSa9650

How To Fix CVE-2022-22274- A Critical Buffer Overflow Vulnerability In SonicOS?

We recommend all SonicWall users upgrade to the SonicOS or Firmware version to patch the Buffer Overflow Vulnerability. SonicWall products that run SonicOS v7.0.1-5050 and earlier should upgrade to 7.0.1-5051 and higher, v7.0.1-R579 and earlier should upgrade to 7.0.1-5030-HF-R844 released mid-April, and 6.5.4.4-44v-21-1452 and earlier should upgrade to 6.5.4.4-44v-21-1519 and higher. Please see the below table for complete information.

ProductImpacted PlatformsImpacted VersionFixed Version

SonicWall FireWalls
TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570,TZ570W, TZ570P, TZ670, NSa 2700, NSa 3700, NSa 4700,NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, NSsp 13700,NSv 270, NSv 470, NSv 870
7.0.1-5050 and earlier

7.0.1-5051 and higher

SonicWall NSsp Firewall

NSsp 15700

7.0.1-R579 and earlier

Mid-April (Hotfix build 7.0.1-5030-HF-R844)
SonicWall NSv FirewallsNSv 10, NSv 25, NSv 50, Nsv 100, NSv 200,NSv, 300, NSv 400, NSv 800, NSv 16006.5.4.4-44v-21-1452 and earlier6.5.4.4-44v-21-1519 and higher

How to Fix Buffer Overflow Vulnerability in SonicOS?

Upgradation is the best way to permanently fix the buffer overflow vulnerability. You can follow these steps to upgrade SonicWall OS.

Step 1. Backup all the settings

1. Click Click Device > Settings > Firmware and Settings, select the Import/Export Configuration > export configuration option to export all the settings to a .EXP file

2. And you can also click 
Create Backup > Local Backup to save a copy of the existing Settings to SonicWalls non-volatile memory.

Step 2. Downloading New Firmware

1. Login to MySonicWall.com

2. Click 
Product Management > My Products. Select the device that you want to upgrade and hover the mouse on the Firmware icon to see the firmware version.

3. Scroll down and click on the
Browse All Firmware button to see all available versions.

4. Click the
download button next to the firmware version that you wish to download.

Step 3. Importing the New Firmware

1. Upon downloading the new firmware, navigate to Devices > Settings > Firmware and Settings. 

2. Click 
Upload Firmware browse the downloaded firmware file, then click Upload.

Step 4. Boot from new firmware

1. You will have two options:

1.
Uploaded Firmware with current configuration

2.
Uploaded Firmware with Factory Default configuration

2. Choose the option as per your need, then click the 
power button beside that. The device will boot with the new Firmware version. Thats all. 

How To Mitigate CVE-2022-22274- A Critical Buffer Overflow Vulnerability In SonicOS?

Firmware upgradation is the best solution to fix the flaw. However, if in case you are not in a position to apply the patches any time soon. It is good to follow these mitigations until you patch the firmware.

  1. Restrict SonicOS management access to a trusted source. It is good to isolate the interface from the internet or at least deploy it behind the VPN or firewalls.

  2. Follow these instructions to mitigate the CVE-2022-22274 vulnerability.

  3. How to allowing access to SonicWall web management 

  4. How to restrict Admin access to the device

We hope this post would help you know How to Fix CVE-2022-22274- A Critical Buffer Overflow Vulnerability in SonicOS. Please share this post and help to secure the digital world. Visit our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, & Medium and subscribe to receive updates like this. 

You may also like these articles:

Arun KL

Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.

Recently added

Vulnerabilities

View All

Learn More About Cyber Security Security & Technology

“Knowledge Arsenal: Empowering Your Security Journey through Continuous Learning”

Cybersecurity All-in-One For Dummies - 1st Edition

"Cybersecurity All-in-One For Dummies" offers a comprehensive guide to securing personal and business digital assets from cyber threats, with actionable insights from industry experts.

Tools

Featured

View All

Learn Something New with Free Email subscription

Subscribe

Subscribe