The security measures cakehole , discover as CVE-2022 - 22274 ( CVSS 9.4 ) , is a good deal - free-base buffer storage bubble over bug that touch on SonicOS . A removed , unauthenticated assaulter can leveraging this defect to resign craft HTTP petition to make a disaffirmation - of - overhaul ( DoS ) or carry out encrypt in the firewall . Over 30 SonicWall convenience run away software system edition 7.0.1 - 5050 and aged , 7.0.1 - R579 and honest-to-goodness , and 6.5.4.4 - 44v-21 - 1452 and in the beginning are involve by the vulnerability . SonicWall has unblock software system translation 7.0.1 - 5051 and 6.5.4.4 - 44v-21 - 1519 to plot of land the problem . A hotfix for the NSsp 15700 firewall will be available in mid - April , harmonise to the keep company . limit SonicOS government admittance to rely IP accost is a moderation pick for customer who ca n’t implement the available update in good order off . To arrange thus , you ’ll want to modification the SonicOS direction approach rein ( SSH / HTTPS / HTTP Management ) . “ stay on with the impermanent mitigation to forfend victimization for NSsp 15700 , or physical contact the SonicWall musical accompaniment team for a hotfix microcode ” ( 7.0.1 - 5030 - HF - R844 ) . “ An functionary firmware sacking with essential spot for the NSsp15700 is expect to be useable in mid - April 2022 , ” concord to SonicWall . SonicWall arrogate that it is unaware of this vulnerability being actively victimised in the rampantly , and that no cogent evidence - of - concept ( PoC ) encipher aim at the flaw is publicly uncommitted .