CVE-2022-2915

HIGH EXPLOITED

Sonicwall Sma 200 Firmware < 10.2.1.5-34sv - Out-of-Bounds Write

Title source: rule

Description

A Heap-based Buffer Overflow vulnerability in the SonicWall SMA100 appliance allows a remote authenticated attacker to cause Denial of Service (DoS) on the appliance or potentially lead to code execution. This vulnerability impacts 10.2.1.5-34sv and earlier versions.

References (1)

[Vendor Advisory] https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0019

Scores

CVSS v3 8.8

EPSS 0.0097

EPSS Percentile 76.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitation Intel

VulnCheck KEV 2025-10-23

Classification

CWE

CWE-122 CWE-787

Status published

Affected Products (5)

sonicwall/sma_200_firmware < 10.2.1.5-34sv

sonicwall/sma_210_firmware < 10.2.1.5-34sv

sonicwall/sma_400_firmware < 10.2.1.5-34sv

sonicwall/sma_410_firmware < 10.2.1.5-34sv

sonicwall/sma_500v_firmware < 10.2.1.5-34sv

Timeline

Published Aug 26, 2022

Tracked Since Feb 18, 2026