CVE-2026-0206
MEDIUM EPSS 39.3%
Published Apr 29, 20262mo ago · Modified Jun 17, 20261w ago
4.9 CVSS 3.1
Published Apr 29, 2026 2mo ago
Last Modified Jun 17, 2026 1w ago
Description
A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Attack Vector Network
Attack Complexity Low
Privileges Required High
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
39.3% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-121
Affected Products 67
| Vendor | Product | Version | Range |
|---|---|---|---|
| sonicwall | sonicos | * | <6.5.5.2-28n |
| sonicwall | nsa_2650 | * | any |
| sonicwall | nsa_3600 | * | any |
| sonicwall | nsa_3650 | * | any |
| sonicwall | nsa_4600 | * | any |
| sonicwall | nsa_4650 | * | any |
| sonicwall | nsa_5600 | * | any |
| sonicwall | nsa_5650 | * | any |
| sonicwall | nsa_6600 | * | any |
| sonicwall | nsa_6650 | * | any |
| sonicwall | sm_9200 | * | any |
| sonicwall | sm_9250 | * | any |
| sonicwall | sm_9400 | * | any |
| sonicwall | sm_9450 | * | any |
| sonicwall | sm_9600 | * | any |
| sonicwall | sm_9650 | * | any |
| sonicwall | soho_250 | * | any |
| sonicwall | soho_250w | * | any |
| sonicwall | sohow | * | any |
| sonicwall | tz_300 | * | any |
| sonicwall | tz_300p | * | any |
| sonicwall | tz_300w | * | any |
| sonicwall | tz_350 | * | any |
| sonicwall | tz_350w | * | any |
| sonicwall | tz_400 | * | any |
| sonicwall | tz_400w | * | any |
| sonicwall | tz_500 | * | any |
| sonicwall | tz_500w | * | any |
| sonicwall | tz_600 | * | any |
| sonicwall | tz_600p | * | any |
| sonicwall | sonicos | * | ≥7.0.0.0 – ≤7.0.1-5169 |
| sonicwall | sonicos | * | ≥7.1.1-7040 – <7.3.2-7010 |
| sonicwall | nsa_2700 | * | any |
| sonicwall | nsa_3700 | * | any |
| sonicwall | nsa_4700 | * | any |
| sonicwall | nsa_5700 | * | any |
| sonicwall | nsa_6700 | * | any |
| sonicwall | nssp_10700 | * | any |
| sonicwall | nssp_11700 | * | any |
| sonicwall | nssp_13700 | * | any |
| sonicwall | nssp_15700 | * | any |
| sonicwall | nsv_270 | * | any |
| sonicwall | nsv_470 | * | any |
| sonicwall | nsv_870 | * | any |
| sonicwall | tz270 | * | any |
| sonicwall | tz270w | * | any |
| sonicwall | tz370 | * | any |
| sonicwall | tz370w | * | any |
| sonicwall | tz470 | * | any |
| sonicwall | tz470w | * | any |
| sonicwall | tz570 | * | any |
| sonicwall | tz570p | * | any |
| sonicwall | tz570w | * | any |
| sonicwall | tz670 | * | any |
| sonicwall | sonicos | * | ≥8.0.0-8035 – <8.2.0-8009 |
| sonicwall | nsa_2800 | * | any |
| sonicwall | nsa_3800 | * | any |
| sonicwall | nsa_4800 | * | any |
| sonicwall | nsa_5800 | * | any |
| sonicwall | tz280 | * | any |
| sonicwall | tz280w | * | any |
| sonicwall | tz380 | * | any |
| sonicwall | tz380w | * | any |
| sonicwall | tz480 | * | any |
| sonicwall | tz580 | * | any |
| sonicwall | tz680 | * | any |
| sonicwall | tz80 | * | any |
References 1
- psirt.global.sonicwall.com https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0004
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.