SonicWall SMA 100 series vulnerabilities
This blog contains information regarding vulnerabilities in the SonicWall SMA 100 series. As soon as we have an update, we’ll add it to this post. More information about possible risks and details can be found at the bottom of this blog. We updated our blog January 25th 2022. The risk rating, also known as the CVSS-score, is unchanged: 9.8. A score of 9.8 or higher is rare and implies a high risk of exploitation with a high impact.
T-Update
his blog contains information regarding vulnerabilities in the SonicWall SMA 100 series. As soon as we have an update, we’ll add it to this post. More information about possible risks and details can be found at the bottom of this blog.
We updated our blog January 25th 2022. The risk rating, also known as the CVSS-score, is unchanged: 9.8. A score of 9.8 or higher is rare and implies a high risk of exploitation with a high impact.
Update January 25, 2022
14:00 | At the time of writing the initial blog there was no evidence of CVE-2021-20038 being exploited in the wild. However, threat actors are now starting to actively exploit this vulnerability. SonicWall urges impacted customers to implement applicable patches as soon as possible, since there are no temporary mitigations.
By exploiting the CVE-2021-20038 vulnerability a threat actor can get complete control of the device or virtual machine that is running the SMA 100 series appliance.
Update December 9, 2021
14:00 | On the 7th of December, SonicWall has published a Security Advisory addressing eight vulnerabilities in their SMA 100 series appliances. The most severe vulnerabilities addressed by SonicWall are two critical stack-based buffer overflow vulnerabilities registered as CVE-2021-20038 and CVE-2021-20045. Both vulnerabilities may enable an attacker to perform an unauthenticated remote code execution exploit.
We advise to check if your products are listed and apply the required patches as soon as possible.
Background
The vulnerabilities allow a remote attacker to perform arbitrary code execution, a denial-of-service attack on the device, write arbitrary files or bypass firewall rules. Currently there is no evidence that these vulnerabilities are being exploited in the wild. However, the release of patches, often enables attackers to develop exploits. A public exploit for either of these vulnerabilities, is expected. SonicWall published patches addressing the vulnerabilities named in the Security Advisory of the 7th of December. Applying these patches as soon as possible is advisable. At the time of writing there is no workaround available.
Risk
In total, SonicWall solved eight vulnerabilities with their patch. Those vulnerabilities impact the SMA 100 series appliances, which include SMA 200, 210, 400, 410 and 500v products.
The vulnerabilities CVE-2021-20038 and CVE-2021-20045 have a CVSS-score of 9.8 and 9.4. These vulnerabilities may enable an attacker to perform an unauthenticated remote code execution exploit. The other vulnerabilities have CVSS-scores ranging from 6.3 to 8.8. The CVSS scale runs from 0 to 10. A score of 9.8 or higher is rare and implies a high risk of exploitation with a high impact.
In the SonicWall Security Advisory the affected products and versions are listed. The advice is to check whether you are using these products and to install the available patch.
The Security Advisory can be found here.
Advice
In the SonicWall Security Advisory the affected products and versions are listed. The advice is to check whether you are using these products and to install the available patch.
The Security Advisory can be found here.
Sources
Sign up to receive T-Updates
Receive the latest vulnerabilities in your email every Wednesday
More than 1,000 organisations have already joined us.
