Sonicwall Critical Security Updates
Date of Notice: 07/13/2023
Action Level - Critical
Sonicwall has released updates patching multiple critical vulnerabilities on their GMS Firewall Management and Analytics Network Reporting Engine software. If exploited they could allow an attacker to bypass authentication and access sensitive data on a vulnerable device. While there are no reports of active exploitation yet, due to the serious nature of these vulnerabilities Sonicwall recommends investigating potentially impacted devices and updating to a fixed version if you are affected.
- GMS - Virtual Appliance 9.3.2-SP1 and earlier versions
- GMS - Windows 9.3.2-SP1 and earlier versions
- Analytics - 220.127.116.11-R7 and earlier versions
An attacker with network or local access to a device with these tools
There are currently no reported exploits for this vulnerability.
There are no mitigations to these vulnerabilities
Update to a current supported version of Sonicwall GMS and Analytics.