Contents:
SonicWall provides a variety of Internet appliances, the majority of which are aimed at content management and network security.
SonicWall’s solutions are utilized by over 500,000 commercial clients in 215 countries and territories across the world, many of them being installed on the networks of the world’s leading corporations and government organizations.
What Happened?
SonicWall’strongly advises’ enterprises that use SMA 100 series appliances to patch them promptly against several security issues with CVSS ratings ranging from medium to critical.
As reported by BleepingComputer, the vulnerabilities affect SMA 200, 210, 400, 410, and 500v appliances even when the web application firewall (WAF) is activated.
CVE-2021-20038 and CVE-2021-20045, two serious Stack-based buffer overflow vulnerabilities that potentially allow remote unauthenticated attackers to execute as the ‘nobody’ user on compromised appliances, were fixed by SonicWall this week.
Following successful exploitation, further issues patched by the business on Tuesday allow authorized threat actors to acquire remote code execution, insert arbitrary instructions, or upload forged web pages and files to any directory in the appliance.
CVE-2021-20039, on the other hand, is the most harmful if unpatched. This critical security flaw allows authorized attackers to execute arbitrary commands as the root user, resulting in a remote takeover of unpatched systems.
Fortunately, SonicWall claims that it has not yet discovered any evidence of any of these security flaws being exploited in the wild.
SonicWall has verified and patched vulnerabilities of critical and medium severity (CVSS 5.3-9.8) in SMA 100 series appliances, which include SMA 200, 210, 400, 410 and 500v products. SMA 100 series appliances with WAF enabled are also impacted by the majority of these vulnerabilities.
What Should the SonicWall Customers Do?
Customers who own SMA 100 series appliances should immediately log in to MySonicWall.com and upgrade the firmware to the versions mentioned in this SonicWall PSIRT Advisory.
Organizations using SMA 100 series appliances should immediately log in to MySonicWall.com to upgrade their appliances to the patched firmware versions outlined below. For upgrade assistance, please reference the KB article, “How to Upgrade Firmware on SMA 100 Series Appliances” or contact SonicWall support.
Upgrade instructions for upgrading the firmware for SMA 100 appliances may be found on this knowledgebase page or by contacting SonicWall support.
To put the necessity of correcting these security holes into perspective, SonicWall SMA 100 appliances have been attacked many times by ransomware gangs since the beginning of 2021.
How to Stay Safe Using Heimdal™?
Vulnerability management should remain a top priority for all businesses out there that always try to have the best means for facilitating their organization’s cybersecurity. Existing software is not perfect, being home for vulnerabilities from time to time. To keep the threat those bugs pose to your network apart, an automated Patch Management Solution will help you take care of your vulnerability management efficiently and use your time wisely.
Our tool lets you deploy any patch no matter where you are now, using command-line scripting to cover patches from Microsoft to third-party and proprietary software. But what is even nicer about our tool is the vendor to end-user waiting time: in less than 4 hours from the release, you have your patch tested and repackaged, and ready to be deployed. Curious? Go and find more about our Patch Management Solution!
Did you enjoy this article? Follow us on LinkedIn, Twitter, Facebook, Youtube, or Instagram to keep up to date with everything we post!