This blog contains information regarding vulnerabilities in the SonicWall SMA 100 series. As soon as we have an update, we’ll add it to this post. More information about possible risks and details can be found at the bottom of this blog.
We updated our blog January 25th 2022. The risk rating, also known as the CVSS-score, is unchanged: 9.8. A score of 9.8 or higher is rare and implies a high risk of exploitation with a high impact.
Update January 25, 2022
14:00 | At the time of writing the initial blog there was no evidence of CVE-2021-20038 being exploited in the wild. However, threat actors are now starting to actively exploit this vulnerability. SonicWall urges impacted customers to implement applicable patches as soon as possible, since there are no temporary mitigations.
By exploiting the CVE-2021-20038 vulnerability a threat actor can get complete control of the device or virtual machine that is running the SMA 100 series appliance.
Update December 9, 2021
14:00 | On the 7th of December, SonicWall has published a Security Advisory addressing eight vulnerabilities in their SMA 100 series appliances. The most severe vulnerabilities addressed by SonicWall are two critical stack-based buffer overflow vulnerabilities registered as CVE-2021-20038 and CVE-2021-20045. Both vulnerabilities may enable an attacker to perform an unauthenticated remote code execution exploit.
We advise to check if your products are listed and apply the required patches as soon as possible.
Reason and background of this blog
This blog contains information about vulnerabilities, the possible risk and advice on how to prevent or limit damage. Below are the possible risks, details and background information.
Potential risk
The vulnerabilities allow a remote attacker to perform arbitrary code execution, a denial-of-service attack on the device, write arbitrary files or bypass firewall rules. Currently there is no evidence that these vulnerabilities are being exploited in the wild. However, the release of patches, often enables attackers to develop exploits. A public exploit for either of these vulnerabilities, is expected.
SonicWall published patches addressing the vulnerabilities named in the Security Advisory of the 7th of December. Applying these patches as soon as possible is advisable. At the time of writing there is no workaround available.
Detail info
In total, SonicWall solved eight vulnerabilities with their patch. Those vulnerabilities impact the SMA 100 series appliances, which include SMA 200, 210, 400, 410 and 500v products.
The vulnerabilities CVE-2021-20038 and CVE-2021-20045 have a CVSS-score of 9.8 and 9.4. These vulnerabilities may enable an attacker to perform an unauthenticated remote code execution exploit. The other vulnerabilities have CVSS-scores ranging from 6.3 to 8.8. The CVSS scale runs from 0 to 10. A score of 9.8 or higher is rare and implies a high risk of exploitation with a high impact.
In the SonicWall Security Advisory the affected products and versions are listed. The advice is to check whether you are using these products and to install the available patch.
The Security Advisory can be found here.
Background
More information:
Subscribe
Do you want to be informed in time? Sign up for our technical updates
Would you like to receive these critical vulnerabilities by e-mail from now on? Enter your e-mail address below.
Tesorion uses your personal data to send out requested information and possibly for contact by telephone and for marketing and sales purposes. You can change your preferences whenever you want. Read our privacy policy for more information.
