CVE-2022-22279
MEDIUM EXPLOITED RANSOMWARE
Secure Remote Access/SMA <9.0.0.5-19sv - Info Disclosure
Title source: llm
Exploitation Summary
CVE-2022-22279 has been observed exploited in the wild (reported by VulnCheck KEV), including in ransomware campaigns.
Description
A post-authentication arbitrary file read vulnerability impacts end-of-life Secure Remote Access (SRA) products and older firmware versions of Secure Mobile Access (SMA) 100 series products, specifically SRA appliances running all 8.x, 9.0.0.5-19sv and earlier versions, and SMA 100 series products running older firmware 9.0.0.9-26sv and earlier versions.
References (1)
Core References
Vendor Advisory x_refsource_confirm
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0006
Scores
CVSS v3
4.9
EPSS
0.0054
EPSS Percentile
68.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Details
VulnCheck KEV
2023-05-15
Ransomware Use
Confirmed
CWE
CWE-22
CWE-23
Status
published
Products (5)
sonicwall/sma_210_firmware
< 9.0.0.10-28sv
sonicwall/sma_410_firmware
< 9.0.0.10-28sv
sonicwall/sma_500v_firmware
< 9.0.0.10-28sv
sonicwall/sra_1200_firmware
< 9.0.0.5-19sv
sonicwall/sra_4200_firmware
< 9.0.0.5-19sv
Published
Apr 13, 2022
Tracked Since
Feb 18, 2026