Description
An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.
CVSS Metrics
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Attack Vector
- network
- Complexity
- low
- Privileges
- none
- User Action
- none
- Scope
- unchanged
- Confidentiality
- high
- Integrity
- high
- Availability
- high
- Weaknesses
- CWE-284NVD-CWE-noinfo
Metadata
- Primary Vendor
- SONICWALL
- Published
- 8/23/2024
- Last Modified
- 10/31/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
sonicwall : sonicossonicwall : sonicossonicwall : sonicossonicwall : sonicos
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.