Cyber Resilience

CVE-2020-5135

CriticalCISA KEVActive ExploitationEUVD Exploited

Published: 12 October 2020

Published
12 October 2020
Modified
31 October 2025
KEV Added
15 March 2022
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.2549 96.3th percentile
Risk Priority 55 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2020-5135 is a critical-severity Classic Buffer Overflow (CWE-120) vulnerability in Sonicwall Sonicos. Its CVSS base score is 9.8 (Critical).

Operationally, ranked in the top 3.7% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

A buffer overflow vulnerability tracked as CVE-2020-5135 exists in SonicOS, the operating system used by SonicWall firewalls. The flaw, categorized under CWE-120, affects SonicOS Gen 6 versions 6.5.4.7, 6.5.1.12, and 6.0.5.3, SonicOSv 6.5.4.v, and Gen 7 version 7.0.0.0. It carries a CVSS 3.1 base score of 9.8, reflecting network-accessible attack conditions with no required authentication or user interaction.

A remote attacker can exploit the issue by sending a crafted request directly to the firewall, resulting in a denial of service and potential arbitrary code execution on the affected device.

The vulnerability is documented in SonicWall PSIRT advisory SNWLID-2020-0010 and appears in the CISA Known Exploited Vulnerabilities catalog, confirming observed in-the-wild exploitation activity against unpatched systems.

EU & UK References

Vulnerability details

A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. This vulnerability affected SonicOS Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv…

more

6.5.4.v and Gen 7 version 7.0.0.0.

CWE(s)
KEV Date Added
15 March 2022

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

sonicwall
sonicos
7.0.0.0 · ≤ 6.0.5.3 · 6.5.0.0 — 6.5.1.11 · 6.5.4.0 — 6.5.4.7
sonicwall
sonicosv
≤ 6.5.4.4

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires validation of all input to the firewall to reject or sanitize malformed requests that trigger the buffer overflow.

prevent

Applies memory-protection mechanisms that block exploitation of the buffer-overflow condition even if input validation is incomplete.

prevent

Mandates prompt installation of vendor patches that eliminate the CWE-120 flaw in the affected SonicOS versions.

References