Security vulnerabilities are part of our day-to-day world. Patching equipment will always mitigate risks. Below we keep track of the big ones for our vendors.
October 12 2020
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. This vulnerability affected SonicOS Gen 6 versions 220.127.116.11, 18.104.22.168, 22.214.171.124 and SonicOSv 6.5.4.v.
September 28 2020
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network.
To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access.