SonicOS SSLVPN service unauthenticated release of Invalid pointer to cause Denial of Service (DoS) vulnerability and leads to firewall crash

A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS) due to the release of Invalid pointer and leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3 and SonicOSv 6.5.4.v.
CVE: CVE-2020-5139
Last updated: Oct. 20, 2020, 9:40 a.m.

Original Article

Leave a Reply

Your email address will not be published. Required fields are marked *