
SonicWall: Patch Critical SQL Injection Bug Immediately


SonicWall has published a security advisory today to warn of a critical SQL injection flaw impacting the GMS (Global Management System) and Analytics On-Prem products.

“SonicWall PSIRT strongly suggests that organizations using the Analytics On-Prem version outlined below should upgrade to the respective patched version immediately,” warns SonicWall in an advisory.

The flaw, tracked as CVE-2022-22280, allows SQL injection due to improper neutralization of special elements used in an SQL Command.


It carries a severity rating of 9.4, categorizing it as “critical”, and is exploitable from the network without requiring authentication or user interaction, while it also has low attack complexity.

[Figure: Severity rating for CVE-2022-22280]

SonicWall states that, as of the advisory, it is not aware of any reports of active exploitation in the wild or of a public proof-of-concept (PoC) exploit for this vulnerability.

However, applying the available security updates and mitigations is crucial to minimize the chances of attackers exploiting the bug.


SQL injection is a class of flaw in which attacker-controlled input, supplied through a web form field or a URL query parameter, is embedded into a legitimate SQL query without proper neutralization, so that the input is interpreted as part of the SQL command and the query does something the application never intended.

Using this flaw, attackers can access data they usually should not have access to, bypass authentication, or potentially delete data from the database.
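The following is an added example, not code from SonicWall or from the advisory, and it does not reflect the specific code path behind CVE-2022-22280 (which the advisory does not describe). It shows the general pattern the paragraph above refers to: a lookup that builds SQL by string concatenation beside the parameterized form that keeps user input as data. The table and rows are constructed for the example, using Python's standard sqlite3 module.

```python
import sqlite3


def build_db():
    """Create an in-memory table with two constructed sample users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password_hash TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "hash-a"), ("bob", "hash-b")],  # constructed sample rows
    )
    return conn


def lookup_vulnerable(conn, username):
    """Vulnerable pattern: input is spliced into the SQL text.

    Any quote character in `username` changes the structure of the query,
    which is exactly the 'improper neutralization of special elements'
    described by the CWE behind this class of bug.
    """
    query = "SELECT username FROM users WHERE username = '" + username + "'"
    return [row[0] for row in conn.execute(query)]


def lookup_parameterized(conn, username):
    """Hardened pattern: the driver binds the value separately from the SQL.

    The query text is fixed; whatever is in `username` is compared as a
    literal string and can never become SQL syntax.
    """
    query = "SELECT username FROM users WHERE username = ?"
    return [row[0] for row in conn.execute(query, (username,))]


def compare(username):
    """Return (vulnerable_result, parameterized_result) for one input."""
    conn = build_db()
    try:
        return sorted(lookup_vulnerable(conn, username)), sorted(
            lookup_parameterized(conn, username)
        )
    finally:
        conn.close()


if __name__ == "__main__":
    # A benign name behaves the same in both versions.
    print(compare("alice"))
    # An input containing a quote alters the vulnerable query's WHERE clause,
    # while the parameterized query simply finds no such user.
    print(compare("x' OR '1'='1"))
```

The benign lookup returns the same single row from both functions; the input containing a quote makes the concatenated query match every row, while the parameterized query returns nothing. Parameterized queries (or an ORM that produces them) are the fix that removes the bug class; a WAF in front of an unpatched application, as recommended later in this article, only filters recognizable input patterns and is a compensating control, not a replacement for the patch.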

Considering the widespread deployment of SonicWall GMS and Analytics, which are used for central management, rapid deployment, real-time reporting, and data insight, the attack surface is significant and frequently includes critical organizations.

The recommended action to resolve this vulnerability is to upgrade to GMS 9.3.1-SP2-Hotfix-2 or later and Analytics or later. Any version number below these is vulnerable to CVE-2022-22280.

Additionally, SonicWall recommends the incorporation of a Web Application Firewall (WAF), which should be adequate for blocking SQL injection attacks even on unpatched deployments.

Currently, there is no workaround available for this vulnerability, so all administrators are advised to apply the available security updates.
