Urgent patch out for exploited SonicWall SMA zero-day

By

Admin credential access and remote code execution attacks spotted.

Firewall vendor SonicWall now has a patch available to address the critical zero-day vulnerability in its SMA 100-series appliances.

Urgent patch out for exploited SonicWall SMA zero-day

The new firmware, 10.2.0.5-29sv, handles a Structured Query Language command injection vulnerability that's rated as 9.8 out of 10 on the Common Vulnerabilities Scoring System, and which security vendor NCC Group reported to SonicWall earlier this month.

An unauthenticated remote attacker can issue SQL queries to access login credentials, to obtain other session-related information, and execute arbitrary code remotely, SonicWall warned.

SonicWall SMA 200, 210, 400 and 410 physical appliances are affected by the bug, along with the SMA 500v virtual one for Microsoft Azure and HyperV, AWS and VMware ESXi.

The company has pulled vulnerable SMA 100 series 10.x images from the AWS and Azure marketplaces, and will submit updated ones as soon as possible.

SonicWall expects the approval process for resubmitting the updated images to take several weeks, but customers using Azure and AWS clouds can patch via incremental updates.

While full details of the vulnerability have not been released by SonicWall, NCC Group hinted that it is in the management interface of affected devices.

One of the NCC Group researchers who reported the bug to SonicWall suggested administrators should set up centralised logging to capture anomalous requests to the /cgi-bin/management binary from the internet, to spot attackers trying to bypass authentication.

SonicWall advises users of its products to immediately apply the patch to avoid exploitation.

A mitigation measure using the built-in Web Application Firewall (WAF) in SMA products is available, and SonicWall is adding 60 days of complimentary entitlement for registered users.

However, the mitigation does not replace the need to apply the patched firmware, SonicWall said.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
firewallnetworkingsecuritysonicwallzeroday

Sponsored Whitepapers

Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Saviynt Simplifies GRC and Access Control for SAP and Beyond
Saviynt Simplifies GRC and Access Control for SAP and Beyond
Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra

Events

Most Read Articles

Health signs $33m networks deal with Optus

Health signs $33m networks deal with Optus
NSW Police to embark on $126m IT overhaul

NSW Police to embark on $126m IT overhaul
Optus quietly delays mobile-to-satellite service launch

Optus quietly delays mobile-to-satellite service launch
Defence trials AI radiocomms deception technology

Defence trials AI radiocomms deception technology
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?