CVE-2020-5139

HIGH

Sonicwall Sonicos < 5.9.1.13 - Denial of Service

Title source: rule

Description

A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS) due to the release of Invalid pointer and leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0.

References (1)

[Vendor Advisory] https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0014

Scores

CVSS v3 7.5

EPSS 0.0050

EPSS Percentile 66.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-763

Status published

Products (3)

sonicwall/sonicos 7.0.0.0

sonicwall/sonicos < 5.9.1.13

sonicwall/sonicosv < 6.5.4.4

Published Oct 12, 2020

Tracked Since Feb 18, 2026