What is CVE-2022-2915?

CVE-2022-2915 is a vulnerability in Sonicwall Sma100, classified under Heap-based Buffer Overflow. Published 2022-08-26.

Is CVE-2022-2915 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Sonicwall Sma100

CVE-2022-2915

A Heap-based Buffer Overflow vulnerability in the SonicWall SMA100 appliance allows a remote authenticated attacker to cause Denial of Service (DoS) on the appliance or potentially lead to code execution. This vulnerability impacts 10.2.1…

Vulnerability class: Buffer Overflow

EPSS: 0.007 (72.4th percentile) — read the EPSS interpretation.

Affected products

Sonicwall Sma100 — versions 10.2.1.5-34sv and earlier

Weakness classification (CWE)

CWE-122 — Heap-based Buffer Overflow

Public proof-of-concept exploits

ARPSyndicate/cve-scores
FuzzySecurity/IBM-Lunch-Learn-2024

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0019 (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2022-2915?: CVE-2022-2915 is a vulnerability in Sonicwall Sma100, classified under Heap-based Buffer Overflow. Published 2022-08-26.
Is CVE-2022-2915 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.