Skip to main content

SonicWall End-Of-Life Products are Being Actively Attacked by Ransomware

Release Date: 16 Jul 2021 2443 Views

RISK: High Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

SonicWall are being actively attacked by ransomware actors (attackers) to unpatched End-Of-Life SRA & SMA 8.X remote access devices using stolen credentials.

 

Notes:

  • These vulnerabilities are reported to have been exploited in the wild.

Impact

  • Cross-Site Scripting
  • Denial of Service
  • Security Restriction Bypass
  • Information Disclosure
  • Data Manipulation

System / Technologies affected

  • SSL-VPN 200/2000/400
  • SRA 4200/1200
  • SRA 4600/1600
  • SMA 400/200
  • SMA 210/410/500v

Solutions

  • SSL-VPN 200/2000/400, SRA 4200/1200, SRA 4600/1600:
    • Disconnect immediately
    • Reset passwords
    • Replace by vendor supported product model
  • SMA 400/200:
    • Update to 10.2.0.7-34 or 9.0.0.10 immediately
    • Reset passwords
    • Enable MFA
  • SMA 210/410/500v:
    • Firmware 9.x should immediately update to 9.0.0.10-28sv or later
    • Firmware 10.x should immediately update to 10.2.0.7-34sv or later

 

Please visit the vendor web-site for more details.


Vulnerability Identifier

  • No CVE information is available

Source


Related Link