12.08.2021

Sonicwall SMA 100 Series Security Update

MCNC Admin Avatar
By MCNC Admin
Alert
  • facebook share link
  • twitter share link
  • linkedin share link
  • mail share link

Date of Notice: 12/8/2021

Action Level - Critical

Description

MCNC would like to make you aware of a group of vulnerabilities affecting Sonicwall SMA 100 Series devices. These vulnerabilities could allow an attacker to bypass authentication and execute arbitrary code as root user, upload arbitrary files, or cause a denial of service. Several of the vulnerabilities are critical impact, and Sonicwall recommends updating impacted devices as soon as possible.

Affected Devices

  • SMA 100 Series (SMA 100, 200, 210, 400, 410, 500v)

Affected Firmware versions

  • 9.0.0.11-31sv
  • 10.2.0.8-37sv
  • 10.2.1.1-19sv
  • 10.2.1.2-24sv

First Fixed Firmware versions

  • 10.2.0.9-41sv
  • 10.2.1.3-27sv

Attack Vector

An attacker with remote or local access to an unpatched device.

Attack Feasibility

There is currently no evidence that the vulnerabilities are being exploited in the wild.

Mitigations

There are no known mitigations or workarounds to address this vulnerability.

Remediation

Sonicwall has released firmware updates to remediate these vulnerabilities. Due to the critical nature, they recommend immediate patching

Vendor Resources

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026

<-- Return to Cybersecurity Alerts...

MCNC Admin
MCNC Admin
MCNC
PO Box 12889
3021 East Cornwallis Road
RTP, NC 27709-2889
919-248-1900 Phone | 919-248-1101 Fax
Connect With Uslinkedintwitterfacebookyoutube
© 2022 MCNC