While there are no known “exploits in the wild” all ADMINs should ensure their Sonic Wall VPN facilities have the latest OCT-2020 security updates in place. SANS ISC rates this vulnerability as a “PATCH NOW” security issue
SonicWall released updates last week which fix this vulnerability and several others. Although no known exploit has been detected in the wild. I expect, give recent historical attacks on VPNs, I would expect this one will get a lot of interest from bad guys. I strongly recommend updating as soon as reasonable. Discovered by Tripwire VERT, CVE-2020-5135 is a buffer overflow vulnerability in the popular SonicWall Network Security Appliance (NSA) which can permit an unauthenticated bad guy to execute arbitrary code on the device.
The following versions of SonicWall are vulnerable:
SonicOS 126.96.36.199-79n and earlier
SonicOS 188.8.131.52-4n and earlier
SonicOS 184.108.40.206-93o and earlier
SonicOSv 220.127.116.11-44v-21-794 and earlier