Integer-Based Buffer Overflow Vulnerability In SonicOS via IPSec

SonicWall Security Advisory

A Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a specially crafted IKEv2 payload.
SonicWall PSIRT is not aware of active exploitation in the wild. No reports of a PoC have been made public and malicious use of this vulnerability has not been reported to SonicWall.

CVE: CVE-2024-22396
Last updated: March 12, 2024, 11:11 p.m.