Description
A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall.
Published: 2026-04-29
Score: 4.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A stack‑based buffer overflow in SonicOS requires the attacker to be authenticated and results in the crash of a firewall device. The detailed description states that the flaw causes a device reset rather than granting code execution, so the primary consequence is an interruption of network services. The exploited vulnerability is a classic CWE‑121 type overflow, implying insufficient bounds checking in a critical subsystem.

Affected Systems

The vulnerability affects SonicWall devices running the SonicOS operating system. No specific firmware or hardware versions are disclosed in the available data, so all SonicOS installations are potentially at risk until an update is applied.

Risk and Exploitability

Since the flaw is post‑authentication, an attacker must first obtain valid credentials to reach the vulnerable code path. The CVSS score of 4.9 indicates moderate overall risk, and the EPSS score is not available. The vulnerability is not listed in the CISA KEV catalog. Because the exploit would only terminate the device’s operation, the impact is limited to availability, but it could disrupt critical traffic if the system is not redundant, thus representing a significant risk to operational continuity.

Generated by OpenCVE AI on April 30, 2026 at 14:00 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Download and install the latest SonicOS firmware release that contains the buffer‑overflow fix from the SonicWall support portal.
  • Restrict administrative access to the firewall by limiting management interfaces to a secure, isolated network segment, enforce least‑privilege user accounts, and enable multi‑factor authentication to reduce the chance of credential compromise.
  • Set up monitoring for firewall restarts or service interruptions, and configure automatic fail‑over or manual reboot procedures to restore connectivity promptly when a crash occurs.

Generated by OpenCVE AI on April 30, 2026 at 14:00 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 30 Apr 2026 14:15:00 +0000

Type Values Removed Values Added
Title Post‑Authentication Buffer Overflow in SonicOS Causes Firewall Crash

Wed, 29 Apr 2026 18:15:00 +0000

Type Values Removed Values Added
First Time appeared Sonicwall
Sonicwall sonicos
Vendors & Products Sonicwall
Sonicwall sonicos

Wed, 29 Apr 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 4.9, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 29 Apr 2026 16:45:00 +0000

Type Values Removed Values Added
Description A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall.
Weaknesses CWE-121
References

Subscriptions

Sonicwall Sonicos
cve-icon MITRE

Status: PUBLISHED

Assigner: sonicwall

Published:

Updated: 2026-04-29T17:00:31.592Z

Reserved: 2025-10-30T10:54:33.982Z

Link: CVE-2026-0206

cve-icon Vulnrichment

Updated: 2026-04-29T17:00:24.191Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-29T17:16:40.633

Modified: 2026-04-30T15:11:12.703

Link: CVE-2026-0206

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-30T14:00:22Z

Weaknesses