CVE-2022-2915
published 2022-08-26

Priority: P274, high, 8.8 (CVSS 3.1)
Vector: AV:N / AC:L / PR:L / UI:N / S:U / C:H / I:H / A:H
ITW: VulnCheck KEV (exploited in the wild)
EPSS: 1.36% (68.2th percentile)

A Heap-based Buffer Overflow vulnerability in the SonicWall SMA100 appliance allows a remote authenticated attacker to cause Denial of Service (DoS) on the appliance or potentially lead to code execution. This vulnerability impacts 10.2.1.5-34sv and earlier versions.

Affected

7 ranges

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sonicwall | sma | | |
| sonicwall | sma100 | | |
| sonicwall | sma_200_firmware | <= 10.2.1.5-34sv | |
| sonicwall | sma_210_firmware | <= 10.2.1.5-34sv | |
| sonicwall | sma_400_firmware | <= 10.2.1.5-34sv | |
| sonicwall | sma_410_firmware | <= 10.2.1.5-34sv | |
| sonicwall | sma_500v_firmware | <= 10.2.1.5-34sv | |

Detection & IOCs (extracted from sources)

  • Vulnerability affects SonicWall SMA100 appliances running firmware version 10.2.1.5-34sv and earlier; patch to a version newer than 10.2.1.5-34sv to remediate.
  • Exploitation requires the attacker to be remotely authenticated, reducing but not eliminating attack surface; monitor for authenticated sessions from unexpected sources.

CVSS provenance

  • nvd: v3.1, 8.8 HIGH, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • vulncheck: 8.8 HIGH