Detections
Analytics

SonicWALL TZ Insufficient Verification of Data Authenticity (CVE-2022-47522)

high Tenable OT Security Plugin ID 505200

Synopsis

The remote OT asset is affected by a vulnerability.

Description

The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept (possibly cleartext) target-destined frames by spoofing a target's MAC address, sending Power Save frames to the access point, and then sending other frames to the access point (such as authentication frames or re-association frames) to remove the target's original security context. This behavior occurs because the specifications do not require an access point to purge its transmit queue before removing a client's pairwise encryption key.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

Refer to the vendor advisory.

See Also

https://papers.mathyvanhoef.com/usenix2023-wifi.pdf

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0006

https://www.freebsd.org/security/advisories/FreeBSD-SA-23:11.wifi.asc

https://www.wi-fi.org/discover-wi-fi/passpoint

Plugin Details

Severity: High

ID: 505200

File Name: tenable_ot_sonicwall_CVE-2022-47522.nasl

Version: 1.1

Type: remote

Family: Tenable.ot

Published: 2/24/2026

Updated: 2/24/2026

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v3

Risk Factor: High

Base Score: 7.5

Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/o:sonicwall:tz370_firmware:-, cpe:/o:sonicwall:tz670_firmware:-, cpe:/o:sonicwall:tz400w_firmware:-, cpe:/o:sonicwall:tz600_firmware:-, cpe:/o:sonicwall:tz370w_firmware:-, cpe:/o:sonicwall:tz270w_firmware:-, cpe:/o:sonicwall:tz300w_firmware:-, cpe:/o:sonicwall:tz470_firmware:-, cpe:/o:sonicwall:tz470w_firmware:-, cpe:/o:sonicwall:tz350_firmware:-, cpe:/o:sonicwall:tz500_firmware:-, cpe:/o:sonicwall:tz300_firmware:-, cpe:/o:sonicwall:tz600p_firmware:-, cpe:/o:sonicwall:tz400_firmware:-, cpe:/o:sonicwall:tz270_firmware:-, cpe:/o:sonicwall:tz570p_firmware:-, cpe:/o:sonicwall:tz350w_firmware:-, cpe:/o:sonicwall:tz570w_firmware:-, cpe:/o:sonicwall:tz500w_firmware:-, cpe:/o:sonicwall:tz300p_firmware:-, cpe:/o:sonicwall:tz570_firmware:-

Required KB Items: Tenable.ot/SonicWALL

Exploit Ease: No known exploits are available

Patch Publication Date: 4/15/2023

Vulnerability Publication Date: 4/15/2023

Reference Information

CVE: CVE-2022-47522

CWE: 287, 290, 345