SonicWall has released a software update for its Secure Mobile Access (SMA) 100 series remote access appliances that corrects 8 vulnerabilities, including 2 critical and 4 high-severity vulnerabilities.
Threat actors have previously exploited vulnerabilities in SonicWall appliances in ransomware attacks. Although there are currently no reported cases of the most recent batch of vulnerabilities being exploited in the wild, there is a great risk of exploitation if the firmware is not updated immediately. The SMA 100 series comprises the SonicWall SMA 200, 210, 400, 410, and 500v secure access gateway products, all of which are affected.
The most serious vulnerabilities are buffer overflow flaws that an unauthenticated attacker can exploit remotely to execute code on vulnerable appliances. These are:
- CVE-2021-20038 has a CVSS score of 9.8. It is an unauthenticated stack-based buffer overflow vulnerability.
- CVE-2021-20045 has a CVSS score of 9.4. It covers several unauthenticated file explorer heap-based and stack-based buffer overflow problems.
The 4 high severity vulnerabilities are as follows:
- CVE-2021-20043 has a CVSS score of 8.8. It is a heap-based buffer overflow vulnerability that allows remote code execution. However, an attacker must be authenticated.
- CVE-2021-20041 has a CVSS score of 7.5. It is an unauthenticated CPU exhaustion vulnerability.
- CVE-2021-20039 has a CVSS score of 7.2. It is an authenticated command injection vulnerability.
- CVE-2021-20044 has a CVSS score of 7.2. It is a post-authentication remote code execution vulnerability.
Two medium-severity vulnerabilities were also fixed:
- CVE-2021-20040 has a CVSS score of 6.5. It is an unauthenticated file upload path traversal vulnerability.
- CVE-2021-20042 has a CVSS score of 6.3. It is an unauthenticated ‘confused deputy’ vulnerability.
The software update is available at MySonicWall.com and must be applied immediately to avoid exploitation. SonicWall says there are no temporary mitigations that can prevent exploitation of the vulnerabilities.