RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2

SonicWall SonicOS

Product
Developers: SonicWALL
Last Release Date: 2020/10/22
Technology: OS

Main article: Operating systems

2020: Closing of 11 vulnerabilities in SonicOS

On October 22, 2020 the Positive Technologies company reported that the SonicWall company corrected the vulnerabilities in the SonicOS operating system detected by the expert of Positive Technologies Nikita Abramov.

The most serious vulnerability of CVE-2020-5135 revealed by Positive Technologies and Craig Tripwire belongs to the high level of danger on CVSS v3 scale (9.4 points). Vulnerability of buffer overflow in SonicOS allows the removed malefactor to cause failure in service (DoS) and to potentially execute any code.

File:Aquote1.png
As as a part of the tested solution there is a service for providing remote access of SSL-VPN, in case of refusal in service (DoS) users of the enterprise can be disconnected from the jobs and internal network. If the malefactor has an opportunity to execute any code, the risk of development of the attack for illegitimate penetration into intra-company networks can appear,

— Nikita Abramov, Positive Technologies tells
File:Aquote2.png

File:Aquote1.png
It is an example of model practice of interaction of the producer and researchers. Such open and transparent relations protect integrity of a digital medium and provide the best protection against the APT attacks and new vulnerabilities before they influence end users,

— the head of qaulity of SonicWall speaks Arius Eslambolchizadekh,
File:Aquote2.png

Vulnerability of CVE-2020-5135 affected SonicOS 6.5.4.7-79n, SonicOS 6.5.1.11-4n, SonicOS 6.0.5.3-93o and SonicOSv 6.5.4.4-44v-21-794 (together with earlier versions of these products). For correction of CVE-2020-5135 it is necessary to update built in by software (depending on the used product) to the next versions: SonicOS 6.5.4.7-83n, SonicOS 6.5.1.12-1n, SonicOS 6.0.5.3-94o or SonicOS 6.5.4.v-21s-987.

Other vulnerability in SonicOS got ID CVE-2020-5133 and assessment 8.2 on CVSS v3 scale. It allows the removed malefactor who did not undergo authentication to cause buffer overflow and failure in service that will lead to failure of the firewall.

Failures in SonicOS can be caused also at operation of vulnerabilities of CVE-2020-5137, CVE-2020-5138, CVE-2020-5139, CVE-2020-5140 (all have assessment 7.5, removed not authenticated malefactors can use them) and also vulnerabilities of CVE-2020-5134 and CVE-2020-5136 (assessment 6.5, are available to authenticated users).

Besides, remote not authenticated attacking can pick up the password to the ticket system and to requests of users of technical support of Virtual Assist ticket ID of the SSL-VPN portal (error CVE-2020-5141 with assessment 6.5). In addition, by means of vulnerability of cross-site accomplishment of the scenarios CVE-2020-5142 (assessment 6.5) the removed malefactor who did not undergo authentication can potentially execute any JavaScript code on the SSL-VPN portal of the firewall. At last, CVE-2020-5143 (assessment 5.3) can give the chance to the remote user without authentication on the page of an input SonicOS SSL-VPN to obtain information on a name of the administrator of control of the firewall on the basis of answers of the server.