A stack‑based buffer overflow occurs in SonicOS certificate handling when a user authenticates and processes a certificate. The flaw allows a remote attacker who can authenticate to a SonicWall firewall to send a specially crafted certificate that causes the device to crash, resulting in a denial of service. This weakness is a classic buffer overflow (CWE‑121).

The vulnerability affects SonicWall devices running SonicOS firmware, specifically the NSA 2700, NSA 2800, NSA 3700, NSA 3800, NSA 4700, NSA 4800, NSA 5700, NSA 5800, NSA 6700 families and the NSSP 10700, 11700, 13700, 15700, NSV270, NSV470, NSV870, TZ270, TZ270W, TZ280, TZ370, TZ370W, TZ380, TZ470, TZ470W, TZ480, TZ570, TZ570P, TZ570W, TZ580, TZ670, TZ680, TZ80, and legacy SonicOS firmware devices. The exact firmware versions impacted are not listed in the data but all devices running the affected SonicOS versions are susceptible.

The CVSS score of 4.9 indicates a moderate impact with a low to medium likelihood of exploitation, reflected by an EPSS score of less than 1%. The flaw does not appear in the CISA KEV catalog, suggesting no widespread exploitation reports to date. However, the attacker must first authenticate to the device, implying that compromised or privileged credentials are needed. Once authenticated, the attacker can send a malformed certificate or trigger the buffer overflow during certificate processing, causing the firewall to crash and disrupt traffic.