SNWLID-2020-0010 Denial of Service (DoS) vulnerability in the SonicOS due to buffer overflow and pot
Nat
Newbie
Hi,
According to https://psirt.global.sonicwall.com/vuln-list
Gen6 device with firmware 6.5.1 will have to upgrade to 6.5.1.12 but I don't think all gen6 device will have 6.5.1.12 firmware.
May I know this vulnerability affected all gen6 NSA device? If I am using 6.5.1, I will need to upgrade to 6.5.4.7?
Category: Firewall Security Services
0
Best Answer
-
CORRECT ANSWER
shiprasahu93
Moderator
@Nat,
The SM devices have 6.5.1.12 as the latest firmware as of now. We have introduced a lot of new features and fixes for other models post 6.5.1.X. So, the other firewall models should be upgraded to 6.5.4.7-83n.
Thanks!
Shipra Sahu
Technical Support Advisor, Premier Services
5
Answers
Hello @Nat,
The vulnerability CVE-2020-5135 is present on all firmware versions 6.5.4.4 and earlier. It is fixed on 6.5.4.7-83n firmware version.
It would be best to upgrade all firewalls to 6.5.4.7 version.
Thanks!
Shipra Sahu
Technical Support Advisor, Premier Services
Hi @shiprasahu93
So there will be no 6.5.1.12 release?
If we want to stay on 6.5.1.X, there will be no update?
Hi @shiprasahu93
What about the Gen 5 units?
Hello @Ajishlal,
Gen 5 devices are not affected by the vulnerability CVE-2020-5135.
Thanks!
Shipra Sahu
Technical Support Advisor, Premier Services
Hi @shiprasahu93
Well noted. for Gen 6, 6.5.4.7-83n Firmware is stable?
I read somewhere that, the edge browser not compatible with 6.5.4.7-83n.
Hi,
We have an NSA2600 and I've checked the MySonicWall Download Centre but it doesn't list the 6.5.4.7 firmware for this model. The latest it has is 6.5.4.6. Do you know when this patch be available for the NSA2600?
Hello @AussieCraig,
6.5.4.7-83n is web posted for all Gen 6 TZ, NSA and SM 9k models. It should be available on mysonicwall account already.
Thanks!
Shipra Sahu
Technical Support Advisor, Premier Services
SonicWall response updated