SonicWall is strongly urging organizations using Secure Mobile Access (SMA) 100 series appliances to immediately patch them against multiple security flaws rated with CVSS scores ranging from medium to critical. The bugs (reported by Rapid7’s Jake Baines and NCC Group’s Richard Warren) impact SMA 200, 210, 400, 410, and 500v appliances, even when the web application firewall (WAF) is enabled. The highest severity flaws patched by SonicWall this week are CVE-2021-20038 and CVE-2021-20045, two critical Stack-based buffer overflow vulnerabilities that can let remote unauthenticated attackers execute as the ‘nobody’ user in compromised appliances. Other bugs patched by the company enable authenticated threat actors to gain remote code execution, inject arbitrary commands, or upload crafted web pages and files to any directory in the appliance following successful exploitation. However, the most dangerous vulnerability is CVE-2021-20039. This high severity security issue can let authenticated attackers inject arbitrary commands as the root user leading to a remote takeover of unpatched devices. Luckily, SonicWall says that it hasn’t yet found any evidence of any of these security vulnerabilities being exploited in the wild.
Analyst Notes
“SonicWall urges impacted customers to implement applicable patches as soon as possible,” the company says in a security advisory published Tuesday. Customers using SMA 100 series appliances are advised to immediately log in to their MySonicWall.com accounts to upgrade the firmware to versions outlined in the SonicWall PSIRT Advisory. Upgrade assistance on how to upgrade the firmware on SMA 100 appliances is available on the Sonic Wall website.
https://www.bleepingcomputer.com/news/security/sonicwall-strongly-urges-customers-to-patch-critical-sma-100-bugs/
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026