SonicWall ‘strongly urges’ enterprises using SMA 100 series appliances to patch them promptly against a number of security issues ranging in severity from medium to severe. The vulnerabilities (identified by Rapid7’s Jake Baines and NCC Group’s Richard Warren) affect SMA 200, 210, 400, 410, and 500v appliances, even when the web application firewall (WAF) is activated.
“SonicWall has verified and patched vulnerabilities of critical and medium severity (CVSS 5.3-9.8) in SMA 100 series appliances, which include SMA 200, 210, 400, 410 and 500v products. SMA 100 series appliances with WAF enabled are also impacted by the majority of these vulnerabilities. IMPORTANT: There is no evidence that these vulnerabilities are being exploited in the wild. Details for each patch can be found in PSIRT Advisory SNWLID-2021-0026,” the alert reads.
CVE-2021-20038 and CVE-2021-20045, two significant stack-based buffer overflow vulnerabilities that potentially allow remote unauthenticated attackers to execute code as the ‘nobody’ user on compromised appliances, were the highest-severity problems corrected by SonicWall this week. Other vulnerabilities patched by the company on Tuesday allow authorized threat actors, following successful exploitation, to achieve remote code execution, inject arbitrary commands, or upload forged web pages and files to any directory in the appliance.
CVE-2021-20039, on the other hand, is the most severe if left unpatched. This critical security flaw allows authorized attackers to run arbitrary commands as the root user, letting them take control of unpatched devices remotely. Fortunately, SonicWall says that no evidence of these security flaws being exploited in the wild has yet been discovered.
As per a security advisory released by the corporation on Tuesday, “SonicWall urges impacted customers to implement applicable patches as soon as possible.”
Customers using SMA 100 series appliances should log in to their MySonicWall.com accounts right away to update their firmware to the versions listed in this SonicWall PSIRT Advisory. Upgrade instructions for SMA 100 devices may be found in this knowledgebase article or by contacting SonicWall customer service.