What is CVE-2024-12803?

CVE-2024-12803 is a vulnerability in Sonicwall Sonicos, classified under Stack-based Buffer Overflow. Published 2025-01-09.

Is CVE-2024-12803 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Sonicwall Sonicos

CVE-2024-12803

A post-authentication stack-based buffer overflow vulnerability in SonicOS management allows a remote attacker to crash a firewall and potentially leads to code execution.

Vulnerability class: Buffer Overflow

EPSS: 0.026 (86.0th percentile) — read the EPSS interpretation.

Affected products

Sonicwall Sonicos — versions 6.5.4.15-117n and older versions, 7.0.1-5161 and older version, 7.1.2-7019

Weakness classification (CWE)

CWE-121 — Stack-based Buffer Overflow

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0004 (vendor-advisory)

Frequently asked questions

What is CVE-2024-12803?: CVE-2024-12803 is a vulnerability in Sonicwall Sonicos, classified under Stack-based Buffer Overflow. Published 2025-01-09.
Is CVE-2024-12803 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.