CVE-2022-1701
published 2022-05-13CVE-2022-1701: SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions uses a shared and hard-coded encryption key to store data.
PriorityP347high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
4.40%
90.1th percentile
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions uses a shared and hard-coded encryption key to store data.
Affected
23 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| juniper | junos_os | — | — |
| juniper | junos_space | — | — |
| linux | linux_kernel | >= 4.10.0 < 4.14.303 | 4.14.303 |
| linux | linux_kernel | >= 4.15.0 < 4.19.270 | 4.19.270 |
| linux | linux_kernel | >= 4.20.0 < 5.4.229 | 5.4.229 |
| linux | linux_kernel | >= 4.9.0 < 4.9.337 | 4.9.337 |
| linux | linux_kernel | >= 5.11.0 < 5.15.86 | 5.15.86 |
| linux | linux_kernel | >= 5.16.0 < 6.0.16 | 6.0.16 |
| linux | linux_kernel | >= 5.5.0 < 5.10.163 | 5.10.163 |
| linux | linux_kernel | >= 6.1.0 < 6.1.2 | 6.1.2 |
| sonicwall | sma | — | — |
| sonicwall | sma_6200_firmware | — | — |
| sonicwall | sma_6200_firmware | — | — |
| sonicwall | sma_6210_firmware | — | — |
| sonicwall | sma_6210_firmware | — | — |
| sonicwall | sma_7200_firmware | — | — |
| sonicwall | sma_7200_firmware | — | — |
| sonicwall | sma_7210_firmware | — | — |
| sonicwall | sma_7210_firmware | — | — |
| sonicwall | sma_8000v_firmware | — | — |
| sonicwall | sma_8000v_firmware | — | — |
| sonicwall | sonicwall_sma1000 | — | — |
| sonicwall | sonicwall_sma1000 | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
cisa7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
osv·2025-12-24
CVE-2022-50779 orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
In the Linux kernel, the following vulnerability has been resolved:
orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
When insert and remove the orangefs module, then debug_help_string will
be leaked:
unreferenced object 0xffff8881652ba000 (size 4096):
comm "insmod", pid 1701, jiffies 4294893639 (age 13218.530s)
hex dump (first 32 bytes):
43 6c 69 65 6e 74 20 44 65 62 75 67 20 4b 65 79 Client Debug Key
77 6f 72 64 73 20 61 72 65 20 75 6e 6b 6e 6f 77 words are unknow
backtrace:
[] kmalloc_trace+0x27/0xa0
[] orangefs_prepare_debugfs_help_string+0x5e/0x480 [orangefs]
[] _sub_I_65535_1+0x57/0xf70 [crc_itu_t]
[] do_one_initcall+0x87/0x2a0
[] do_init_module+0xdf/0x320
[] load_module+0x2f98/0x3330
[] __do_sys_fini
GHSA
GHSA-rxgp-8c89-84pf: SonicWall SMA1000 series firmware 12
ghsa_unreviewed·2022-05-14
CVE-2022-1701 [HIGH] CWE-798 GHSA-rxgp-8c89-84pf: SonicWall SMA1000 series firmware 12
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions uses a shared and hard-coded encryption key to store data.
Red Hat
kernel: orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
vendor_redhat·2025-12-24
CVE-2022-50779 kernel: orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
kernel: orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
In the Linux kernel, the following vulnerability has been resolved:
orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
When insert and remove the orangefs module, then debug_help_string will
be leaked:
unreferenced object 0xffff8881652ba000 (size 4096):
comm "insmod", pid 1701, jiffies 4294893639 (age 13218.530s)
hex dump (first 32 bytes):
43 6c 69 65 6e 74 20 44 65 62 75 67 20 4b 65 79 Client Debug Key
77 6f 72 64 73 20 61 72 65 20 75 6e 6b 6e 6f 77 words are unknow
backtrace:
[] kmalloc_trace+0x27/0xa0
[] orangefs_prepare_debugfs_help_string+0x5e/0x480 [orangefs]
[] _sub_I_65535_1+0x57/0xf70 [crc_itu_t]
[] do_one_initcall+0x87/0x2a0
[] do_init_module+0xdf/0x320
[] load_module+0x2f98/0x3330
[] __do_sys
Juniper
CVE-2022-22211: A limitless resource allocation vulnerability in FPC resources of Juniper Networks Junos OS Evolved on PTX Series allows an unprivileged attacker to c
vendor_juniper·2022-10-18·CVSS 7.5
CVE-2022-22211 [HIGH] CWE-770 CVE-2022-22211: A limitless resource allocation vulnerability in FPC resources of Juniper Networks Junos OS Evolved on PTX Series allows an unprivileged attacker to c
CVE-2022-22211: A limitless resource allocation vulnerability in FPC resources of Juniper Networks Junos OS Evolved on PTX Series allows an unprivileged attacker to cause Denial of Service (DoS). Continuously polling the SNMP jnxCosQstatTable causes the FPC to run out of GUID space, causing a Denial of Service to the FPC resources. When the FPC runs out of the GUID space, you will see the following syslog messages. The evo-aftmand-bt process is asserting. fpc1 evo-aftmand-bt[17556]: %USER-3: get_next_guid: Ran out of Guid Space start 1748051689472 end 1752346656767 fpc1 audit[17556]: %AUTH-5: ANOM_ABEND auid=4294967295 uid=0 gid=0 ses=4294967295 pid=17556 comm="EvoAftManBt-mai" exe="/usr/sbin/evo-aftmand-bt" sig=6 fpc1 kernel: %KERN-5: audit: type=1701 audit(1648567505.119:57): auid=429496
SonicWall
CVE-2022-1701: SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions uses a shared and hard-coded encryption key to store data.
vendor_sonicwall·2022-05-13·CVSS 7.5
CVE-2022-1701 [HIGH] CWE-321 CVE-2022-1701: SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions uses a shared and hard-coded encryption key to store data.
CVE-2022-1701: SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions uses a shared and hard-coded encryption key to store data.
CISA
Microsoft Win32k Privilege Escalation Vulnerability
cisa·2022-03-03·CVSS 7.8
CVE-2015-1701 [HIGH] CWE-264 Microsoft Win32k Privilege Escalation Vulnerability
Vulnerability: Microsoft Win32k Privilege Escalation Vulnerability
Affected: Microsoft Win32k
An unspecified vulnerability exists in the Win32k.sys kernel-mode driver in Microsoft Windows Server that allows a local attacker to execute arbitrary code with elevated privileges.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2015-1701
Remediation Due Date: 2022-03-24
No detection rules found.
No public exploits indexed.
Checkpoint
16th May – Threat Intelligence Report
blogs_checkpoint·2022-05-16
CVE-2022-1388 16th May – Threat Intelligence Report
Latest Publications
CPR Podcast Channel
AI Research
Web 3.0 Security
Intelligence Reports
ThreatCloud AI
Threat Intelligence & Research
Zero Day Protection
Sandblast File Analysis
About Us
SUBSCRIBE
2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
## 16th May – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 16th May, please download our Threat Intelligence Bulletin .
Top Attacks and Breaches
Check Point Research revealed a yearlong campaign targeting German companies, focused on German car dealerships and manufacturers. Threat actors used a vast infrastructure designed to mimic existing German companies and leveraged phishing emails, with a combination of ISO\HTA payloads that, if opened, would infect victims with va
Bugzilla
CVE-2022-50779 kernel: orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
bugzilla·2025-12-24
CVE-2022-50779 CVE-2022-50779 kernel: orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
CVE-2022-50779 kernel: orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
In the Linux kernel, the following vulnerability has been resolved:
orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
When insert and remove the orangefs module, then debug_help_string will
be leaked:
unreferenced object 0xffff8881652ba000 (size 4096):
comm "insmod", pid 1701, jiffies 4294893639 (age 13218.530s)
hex dump (first 32 bytes):
43 6c 69 65 6e 74 20 44 65 62 75 67 20 4b 65 79 Client Debug Key
77 6f 72 64 73 20 61 72 65 20 75 6e 6b 6e 6f 77 words are unknow
backtrace:
[] kmalloc_trace+0x27/0xa0
[] orangefs_prepare_debugfs_help_string+0x5e/0x480 [orangefs]
[] _sub_I_65535_1+0x57/0xf70 [crc_itu_t]
[] do_one_initcall+0x87/0x2a0
[] do_init_module+0xdf/0x320
[] load_module+0x2f98/
2022-05-13
Published