Cyber Resilience

CVE-2023-0656

High

Published: 02 March 2023

Modified: 21 November 2024
CVSS Score v3.1: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.3149 (96.9th percentile)
Risk Priority: 34 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-0656 is a high-severity stack-based buffer overflow (CWE-121) vulnerability in SonicWall SonicOS. Its CVSS base score is 7.5 (High).

Operationally, it ranks in the top 3.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

A stack-based buffer overflow vulnerability, tracked as CVE-2023-0656 and assigned CWE-121 and CWE-787, exists in SonicOS. The flaw affects SonicWall firewalls and carries a CVSS 3.1 score of 7.5, reflecting network-accessible attack vectors that require no authentication or user interaction.

A remote unauthenticated attacker can send specially crafted network traffic to trigger the overflow, resulting in a denial-of-service condition that crashes the impacted firewall. The attack requires only low attack complexity and can be launched over the network without any privileges.

The official SonicWall PSIRT advisory SNWLID-2023-0004, published at https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0004, provides remediation guidance for affected products. The EPSS score for this CVE rose from a low baseline to a peak of 0.4897, with the current value remaining at 0.3149, indicating that exploitation interest increased after public disclosure.

Vulnerability details

A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash.

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

sonicwall sonicos: ≤ 7.0.1-5111 · ≤ 7.0.1-5083 · ≤ 6.5.4.4-44v-21-1551

Mitigating Controls

Likely Mitigating Controls (AI)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-787

Out-of-bounds writes that corrupt control flow or inject shellcode are rendered non-executable by the same memory protections.
