As attacks against VPN devices to deliver ransomware payloads are on the rise, legacy SonicWall Secure Remote Access (SRA) 4600 devices are being targeted with a SQL injection exploit that was thought to be patched in newer device firmware. CrowdStrike has confirmed that firmware versions 8.x and 9.x are vulnerable to CVE-2019-7481, even when running SMA device firmware versions 9.0.0.4 and 9.0.0.5. SonicWall PSIRT confirmed that legacy SRA devices could use the newer SMA firmware updates and that the devices were interchangeable. After CrowdStrike shared its findings, SonicWall PSIRT confirmed that SRA devices were end of life and that the current mitigation for this issue is to install the latest 10.x SMA firmware.