CVE-2023-0656

A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could...

Basic Information

CVE State: PUBLISHED
Reserved Date: February 02, 2023
Published Date: March 02, 2023
Last Updated: March 07, 2025
Vendor: SonicWall
Product: SonicOS
Description: A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash.
Tags

CVSS Scores

CVSS v3.1

7.5 - HIGH

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score

Score: 37.94% (Percentile: 97.01%) as of 2025-05-26

SSVC Information

Exploitation: none
Automatable: Yes
Technical Impact: partial

Exploit Status

Exploited in the Wild: Yes (2025-05-05 00:00:00 UTC) Source

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0004

Known Exploited Vulnerability Information

Source	Added Date
The Shadowserver (via CIRCL)	2025-04-28 00:00:00 UTC

Timeline

CVE ID Reserved

February 02, 2023
CVE Published to Public

March 02, 2023
Added to KEVIntel

April 28, 2025