Back to KEVs

CVE-2022-2915

A Heap-based Buffer Overflow vulnerability in the SonicWall SMA100 appliance allows a remote authenticated attacker to cause Denial of Service...

Basic Information

CVE State
PUBLISHED
Reserved Date
August 19, 2022
Published Date
August 26, 2022
Last Updated
August 03, 2024
Vendor
SonicWall
Product
SMA100
Description
A Heap-based Buffer Overflow vulnerability in the SonicWall SMA100 appliance allows a remote authenticated attacker to cause Denial of Service (DoS) on the appliance or potentially lead to code execution. This vulnerability impacts 10.2.1.5-34sv and earlier versions.

CVSS Scores

CVSS v3.1

8.8 - HIGH

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploit Status

Exploited in the Wild
Yes (2025-10-26 22:32:25 UTC) Source

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0019

Known Exploited Vulnerability Information

Source Added Date
The Shadowserver (via CIRCL) 2025-10-26 22:32:25 UTC

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel