Urgent patch out for exploited SonicWall SMA zero-day

By on
Urgent patch out for exploited SonicWall SMA zero-day

Admin credential access and remote code execution attacks spotted.

Firewall vendor SonicWall now has a patch available to address the critical zero-day vulnerability in its SMA 100-series appliances.

The new firmware, 10.2.0.5-29sv, handles a Structured Query Language command injection vulnerability that's rated as 9.8 out of 10 on the Common Vulnerabilities Scoring System, and which security vendor NCC Group reported to SonicWall earlier this month.

An unauthenticated remote attacker can issue SQL queries to access login credentials, to obtain other session-related information, and execute arbitrary code remotely, SonicWall warned.

SonicWall SMA 200, 210, 400 and 410 physical appliances are affected by the bug, along with the SMA 500v virtual one for Microsoft Azure and HyperV, AWS and VMware ESXi.

The company has pulled vulnerable SMA 100 series 10.x images from the AWS and Azure marketplaces, and will submit updated ones as soon as possible.

SonicWall expects the approval process for resubmitting the updated images to take several weeks, but customers using Azure and AWS clouds can patch via incremental updates.

While full details of the vulnerability have not been released by SonicWall, NCC Group hinted that it is in the management interface of affected devices.

One of the NCC Group researchers who reported the bug to SonicWall suggested administrators should set up centralised logging to capture anomalous requests to the /cgi-bin/management binary from the internet, to spot attackers trying to bypass authentication.

SonicWall advises users of its products to immediately apply the patch to avoid exploitation.

A mitigation measure using the built-in Web Application Firewall (WAF) in SMA products is available, and SonicWall is adding 60 days of complimentary entitlement for registered users.

However, the mitigation does not replace the need to apply the patched firmware, SonicWall said.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
firewall ncc group networking security sonicwall zeroday

Sponsored Whitepapers

Move beyond passwords
Move beyond passwords
The top 5 tech trends to deliver business outcomes
The top 5 tech trends to deliver business outcomes
10 reasons why businesses need to invest in cloud security training
10 reasons why businesses need to invest in cloud security training
Your guide to application security solutions
Your guide to application security solutions
State of Software Security: Open Source Edition
State of Software Security: Open Source Edition

Events

Most Read Articles

TPG Telecom to start enticing NBN customers to move

TPG Telecom to start enticing NBN customers to move
Infosys scores another $40m for Centrelink payments engine build

Infosys scores another $40m for Centrelink payments engine build
Telstra InfraCo opens up telco's own fibre network

Telstra InfraCo opens up telco's own fibre network
Transport for NSW data stolen in Accellion breach

Transport for NSW data stolen in Accellion breach
You must be a registered member of iTnews to post a comment.
| Register

Log In

Username / Email:
Password:
  |  Forgot your password?