CVE-2023-0656: Buffer Overflow
First published: Thu Mar 02 2023(Updated: )
A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash.
Credit: PSIRT@sonicwall.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SonicWall SonicOS | <=7.0.1-5111 | |
| Sonicwall Nsa 2700 | ||
| Sonicwall Nsa 3700 | ||
| Sonicwall Nsa 4700 | ||
| Sonicwall Nsa 5700 | ||
| Sonicwall Nsa 6700 | ||
| Sonicwall Nssp 10700 | ||
| Sonicwall Nssp 11700 | ||
| Sonicwall Nssp 13700 | ||
| Sonicwall Nsv 270 | ||
| Sonicwall Nsv 470 | ||
| Sonicwall Nsv 870 | ||
| Sonicwall Tz270 | ||
| Sonicwall Tz270w | ||
| Sonicwall Tz370 | ||
| Sonicwall Tz370w | ||
| Sonicwall Tz470 | ||
| Sonicwall Tz470w | ||
| Sonicwall Tz570 | ||
| Sonicwall Tz570p | ||
| Sonicwall Tz570w | ||
| Sonicwall Tz670 | ||
| SonicWall SonicOS | <=7.0.1-5083 | |
| Sonicwall Nssp 15700 | ||
| SonicWall SonicOS | <=6.5.4.4-44v-21-1551 | |
| Sonicwall Nsv 10 | ||
| Sonicwall Nsv 100 | ||
| Sonicwall Nsv 1600 | ||
| Sonicwall Nsv 200 | ||
| Sonicwall Nsv 25 | ||
| Sonicwall Nsv 300 | ||
| Sonicwall Nsv 400 | ||
| Sonicwall Nsv 50 | ||
| Sonicwall Nsv 800 | ||
| SonicWall next-generation firewall (NGFW) | =series 6 | |
| SonicWall next-generation firewall (NGFW) | =series 7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-0656?
CVE-2023-0656 is a stack-based buffer overflow vulnerability in SonicOS.
How can a remote attacker exploit CVE-2023-0656?
A remote unauthenticated attacker can exploit CVE-2023-0656 to cause a Denial of Service (DoS), potentially crashing the affected firewall.
Which version of SonicOS is affected by CVE-2023-0656?
SonicOS version 7.0.1-5111 is affected by CVE-2023-0656.
What is the severity of CVE-2023-0656?
The severity of CVE-2023-0656 is high, with a CVSS score of 7.5.
How can I get more information about CVE-2023-0656?
More information about CVE-2023-0656 can be found at the following reference: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0004
- collector/nvd-index
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/author
- agent/weakness
- agent/description
- agent/references
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2022-22274
- alias/CVE-2023-0656
- agent/severity
- collector/the-register
- source/The Register
- agent/softwarecombine
- agent/tags
- agent/event
- agent/news-ai
- agent/software-canonical-lookup
- vendor/sonicwall
- canonical/sonicwall sonicos
- version/sonicwall sonicos/7.0.1-5111
- canonical/sonicwall nsa 2700
- canonical/sonicwall nsa 3700
- canonical/sonicwall nsa 4700
- canonical/sonicwall nsa 5700
- canonical/sonicwall nsa 6700
- canonical/sonicwall nssp 10700
- canonical/sonicwall nssp 11700
- canonical/sonicwall nssp 13700
- canonical/sonicwall nsv 270
- canonical/sonicwall nsv 470
- canonical/sonicwall nsv 870
- canonical/sonicwall tz270
- canonical/sonicwall tz270w
- canonical/sonicwall tz370
- canonical/sonicwall tz370w
- canonical/sonicwall tz470
- canonical/sonicwall tz470w
- canonical/sonicwall tz570
- canonical/sonicwall tz570p
- canonical/sonicwall tz570w
- canonical/sonicwall tz670
- version/sonicwall sonicos/7.0.1-5083
- canonical/sonicwall nssp 15700
- version/sonicwall sonicos/6.5.4.4-44v-21-1551
- canonical/sonicwall nsv 10
- canonical/sonicwall nsv 100
- canonical/sonicwall nsv 1600
- canonical/sonicwall nsv 200
- canonical/sonicwall nsv 25
- canonical/sonicwall nsv 300
- canonical/sonicwall nsv 400
- canonical/sonicwall nsv 50
- canonical/sonicwall nsv 800
- canonical/sonicwall next-generation firewall (ngfw)
- version/sonicwall next-generation firewall (ngfw)/series 6
- version/sonicwall next-generation firewall (ngfw)/series 7