SonicWall VPN vulnerability is pretty much as serious as it gets

Patch now, SonicWall VPN customers warned

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

SonicWall has sounded the alarm over a series of security vulnerabilities affecting itsVPNhardware, some of which are classified as “critical”.

As noted in anadvisorypublished by the firm, the issues relate to Secure Mobile Access (SMA) 100-series VPN appliances, and could be abused by an unauthenticated user to achieve root-level remote code execution.

The most serious of the vulnerabilities has been awarded a score of 9.8/10 as per the Common Vulnerability Scoring System (CVSS), as a reflection of the opportunity for an attacker to meddle with access privileges and ultimately seize control of the vulnerableVPN device.

“The vulnerability is due to the SonicWall SMA SSLVPN Apache httpd server GET method of mod_cgi module environment variables use a single stack-based buffer using strcat. This allows remote attacker to cause Stack-based Buffer Overflow and would result in code execution,” explained SonicWall.

SonicWall VPN vulnerabilities

SonicWall VPN vulnerabilities

Discovered bycybersecurityresearchers at Rapid7 and NCCGroup, the eight SonicWall VPN vulnerabilities range in severity from medium to critical, and the majority require no form ofauthenticationin order to exploit.

Mercifully, SonicWall says there is no evidence the vulnerabilities have yet been abused in the wild, but the company has “strongly urged” customers to deploy the relevantpatchesimmediately.

“SonicWall has verified and patched vulnerabilities of critical and medium severity in SMA 100 series appliances, which include SMA 200, 210, 400, 410 and 500v products. SMA 100 series appliances with WAF enabled are also impacted by the majority of these vulnerabilities,” wrote the firm.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

However, these are not the only security bugs to expose SonicWall customers in recent history. Since the turn of the year, the company has been forced to release a“critical firmware update”to patch a zero-day affecting SMA 100-series devices, and aseparate patchfor an issue with itsemail security(ES) products.

In July, meanwhile, the companyissued a statementwarning customers of a wave ofransomware attackstargeting products running end-of-life, unpatched firmware.

Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He’s responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.

Should your VPN always be on?

3 reasons why PIA fell in our best VPN rankings

Smeg Combi Steam Oven review: a multi-functional countertop oven that looks stunning and cooks well