A critical stack-based buffer overflow vulnerability has been discovered in SonicWall VPNs. When exploited, it allows unauthenticated remote attackers to execute arbitrary code on the impacted devices. As of today, Shodan shows over 800,000 VPN devices running vulnerable SonicOS software versions. The vulnerability impacts multiple versions of SonicOS run by hundreds of thousands of active VPNs. Given the vast attack surface available to adversaries, companies should upgrade their devices immediately. The vulnerability is tracked as CVE-2020-5135.
Source: https://www.bleepingcomputer.com/news/security/critical-sonicwall-vulnerability-affects-800k-firewalls-patch-now/

