SonicWall SonicOS ↗
SonicWall · Network / Security
0/100 Critical · exploited
Summary iPlain-English security verdict for SonicWall SonicOS, generated from its current health score, actively-exploited vulnerabilities, and latest supported version.
SonicWall SonicOS currently scores 0/100 — critical, with active exploitation. 3 of its known vulnerabilities are being actively exploited in the wild (CISA KEV), including CVE-2024-53704. Upgrade immediately and review your exposure to the actively-exploited CVEs below.
Disclosure trend iNew CVEs published for SonicWall SonicOS each year (NVD). A higher bar means more disclosures that year — more scrutiny, not necessarily less safe.
'19
'20
'21
'22
'23
'24
'25
'26
⚠ 2 of its known vulnerabilities are linked to ransomware campaigns (CISA KEV).
Patch priority — what to act on iThe issues to fix first — actively exploited (CISA KEV) first, then by exploitation probability (EPSS), then severity. Each row's "→ fixed in" is the earliest version that patches it; "see advisory" means no fixed version is published.
Most urgent first — actively exploited, then likeliest to be exploited.
CVE-2024-53704 CRITICAL ● exploited ⚠ ransomware Improper authentication EPSS 94% → see advisory CVE-2020-5135 CRITICAL ● exploited Buffer overflow EPSS 25% → see advisory CVE-2024-40766 CRITICAL ● exploited ⚠ ransomware Improper access control EPSS 3% → fixed in 6.5.4.15.116n CVE-2019-12255 CRITICAL Buffer overflow EPSS 82% → see advisory CVE-2022-22274 CRITICAL CWE-121 EPSS 49% → see advisory CVE-2021-20031 MEDIUM CWE-601 EPSS 36% → see advisory CVE-2023-0656 HIGH CWE-121 EPSS 31% → see advisory CVE-2019-12260 CRITICAL Buffer overflow EPSS 26% → see advisory CVE-2024-3596 CRITICAL CWE-354 EPSS 22% → see advisory CVE-2019-12261 CRITICAL Buffer overflow EPSS 18% → see advisory CVE-2019-12256 CRITICAL Buffer overflow EPSS 11% → see advisory CVE-2024-22394 CRITICAL Improper authentication EPSS 1% → see advisoryℹ lifecycle unknown — needs latest supported version