The Hacker News (THN:4BB0F5033E84CFC573DF9D7BB5DB4780)
Dec 09, 2021 - 5:18 a.m.

SonicWall Urges Customers to Immediately Patch Critical SMA 100 Flaws

2021-12-09 05:18:00
The Hacker News
thehackernews.com

CVSS3: 9.8 High

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • User Interaction: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS2: 9 High

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: SINGLE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

Network security vendor SonicWall is urging customers to update their SMA 100 series appliances to the latest version following the discovery of multiple security vulnerabilities that could be abused by a remote attacker to take complete control of an affected system.

The flaws impact SMA 200, 210, 400, 410, and 500v products running versions 9.0.0.11-31sv and earlier, 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and earlier. The San Jose-based company credited security researchers Jake Baines (Rapid7) and Richard Warren (NCC Group) for discovering and reporting the shortcomings.

The eight security vulnerabilities identified in its remote access products are as follows:

  • CVE-2021-20038 (CVSS score: 9.8) - SMA 100 Series unauthenticated stack-based buffer overflow vulnerability
  • CVE-2021-20039 (CVSS score: 7.2) - SMA 100 Series authenticated command injection vulnerability as root
  • CVE-2021-20040 (CVSS score: 6.5) - SMA 100 Series unauthenticated file upload path traversal vulnerability
  • CVE-2021-20041 (CVSS score: 7.5) - SMA 100 Series unauthenticated CPU exhaustion vulnerability
  • CVE-2021-20042 (CVSS score: 6.3) - SMA 100 Series unauthenticated “Confused Deputy” vulnerability
  • CVE-2021-20043 (CVSS score: 8.8) - SMA 100 Series “getBookmarks” heap-based buffer overflow vulnerability
  • CVE-2021-20044 (CVSS score: 7.2) - SMA 100 Series post-authentication remote code execution (RCE) vulnerability
  • CVE-2021-20045 (CVSS score: 9.4) - SMA 100 Series unauthenticated file explorer heap-based and stack-based buffer overflow vulnerabilities

Successful exploitation of the flaws could allow an adversary to execute arbitrary code, upload specially crafted payloads, modify or delete files located in specific directories, reboot the system remotely, bypass firewall rules, and even consume all of the device’s CPU, potentially causing a denial-of-service (DoS) condition.

While there is no evidence that these vulnerabilities are being exploited in the wild, it’s highly recommended that users move quickly to apply the patches in light of the fact that SonicWall devices have become a lucrative target for threat actors to launch a slew of malicious actions in recent months.
