CVE-2020-5135
published 2020-10-12CVE-2020-5135: A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a…
PriorityP186critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
KEVITWRansomware
CISA Known Exploited Vulnerabilitydue 2022-04-05
Exploited in the wild
EPSS
26.87%
97.8th percentile
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. This vulnerability affected SonicOS Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sonicwall | sonicos | <= 6.0.5.3 | — |
| sonicwall | sonicos | — | — |
| sonicwall | sonicos | — | — |
| sonicwall | sonicos | — | — |
| sonicwall | sonicos | — | — |
| sonicwall | sonicos | — | — |
| sonicwall | sonicos | — | — |
| sonicwall | sonicos | 6.5.0.0 – 6.5.1.11 | — |
| sonicwall | sonicos | 6.5.4.0 – 6.5.4.7 | — |
| sonicwall | sonicosv | <= 6.5.4.4 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Exploit vector is a specially crafted HTTP request sent to a vulnerable SonicWall device by a remote, unauthenticated attacker; monitor for anomalous/malformed HTTP requests targeting SonicOS management or SSL-VPN interfaces. ↗
- →Use Shodan queries for 'SonicWALL firewall http config' and 'SonicWALL SSL-VPN http proxy' to identify internet-exposed SonicWall devices in your attack surface that may be vulnerable. ↗
- ·The original CVE-2020-5135 patch was incomplete; SonicWall issued a new advisory (SNWLID-2021-0006) and CVE-2021-20019 to address the residual issue. Ensure the correct follow-on patches are applied, not just the original October 2020 fix. ↗
- ·SonicWall's own advisory contains a version discrepancy for the 6.5.4.x branch: the affected range is listed as 'SonicOS 6.5.4.7-83 and below' in one place and '6.5.4.8-83 and below' in the fixed software table. Verify the exact affected/fixed version against the official advisory. ↗
- ·At time of publication, patches for SonicOS 6.0.5.3-94o and below and SonicOS 6.5.1.12-3n and below were still pending; confirm current patch availability before assuming full remediation. ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vulncheck9.8CRITICAL
cisa9.8CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-vw5m-894x-7rp4: A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending
ghsa_unreviewed·2022-05-24
CVE-2020-5135 [CRITICAL] CWE-119 GHSA-vw5m-894x-7rp4: A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. This vulnerability affected SonicOS Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0.
VulnCheck
SonicWall SonicOS Buffer Overflow Vulnerability
vulncheck·2020·CVSS 9.8
CVE-2020-5135 [CRITICAL] CWE-120 SonicWall SonicOS Buffer Overflow Vulnerability
SonicWall SonicOS Buffer Overflow Vulnerability
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall.
Affected: SonicWall SonicOS
Required Action: Apply updates per vendor instructions.
Known Ransomware Campaign Use: Known
Exploitation References: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json; https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/reports/2022-unit42-ransomware-threat-report-final.pdf; https://static.tenable.com/marketing/whitepapers/Whitepaper-Ransomware_Ecosystem.pdf; https://www.ivanti.com/resources/v/doc/pr-survey-report/ransomware-quarterly-indexreport_q2-q3; https://cert-in.org.in/P
CISA
SonicWall SonicOS Buffer Overflow Vulnerability
cisa·2022-03-15·CVSS 9.8
CVE-2020-5135 [CRITICAL] CWE-120 SonicWall SonicOS Buffer Overflow Vulnerability
Vulnerability: SonicWall SonicOS Buffer Overflow Vulnerability
Affected: SonicWall SonicOS
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2020-5135
Remediation Due Date: 2022-04-05
No detection rules found.
No public exploits indexed.
Checkpoint
28th June – Threat Intelligence Report
blogs_checkpoint·2021-06-28
CVE-2021-21998 28th June – Threat Intelligence Report
Latest Publications
CPR Podcast Channel
AI Research
Web 3.0 Security
Intelligence Reports
ThreatCloud AI
Threat Intelligence & Research
Zero Day Protection
Sandblast File Analysis
About Us
SUBSCRIBE
2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
## 28th June – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 28th June, please download our Threat Intelligence Bulletin .
Top Attacks and Breaches
Russian-based threat group Nobelium is using password spraying and brute force attacks to gain access to corporate networks. The group, which was behind the SolarWinds supply-chain attack, deployed an information-stealing Trojan on a Microsoft customer support agent’s computer to steal information. Over half of the targets were
Tenable
CVE-2021-20019: SonicWall Fixes Incomplete Patch for CVE-2020-5135
blogs_tenable·2021-06-23·CVSS 9.8
[CRITICAL] CVE-2021-20019: SonicWall Fixes Incomplete Patch for CVE-2020-5135
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Tenable
CVE-2020-5135: Critical SonicWall VPN Portal Stack-based Buffer Overflow Vulnerability
blogs_tenable·2020-10-15·CVSS 9.8
[CRITICAL] CVE-2020-5135: Critical SonicWall VPN Portal Stack-based Buffer Overflow Vulnerability
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
2020-10-12
Published
2022-03-15
Added to CISA KEV
Exploited in the wild