Details have been released on multiple vulnerabilities affecting the SonicWall Secure Mobile Access (SMA) 100 series of devices, which includes the SMA 200, 210, 400, 410, and 500v.
Rapid7 lead security researcher Jake Baines discovered and reported the flaws to SonicWall in Oct. 2021. SonicWall then published software updates and released fixes to customers and channel partners on Dec. 7. Users of the SonicWall SMA 100 series are urged to apply these updates as soon as possible.
“As these devices are designed to be exposed to the internet, the only effective remediation for these issues is to apply the vendor-supplied updates,” Baines wrote in a blog post on his findings.
In his writeup, Baines said the most serious of these issues (CVE-2021-20038) can lead to unauthenticated remote code execution (RCE) on affected devices. By exploiting this vulnerability, an attacker could gain full control of the device or virtual machine running the SMA 100 series device. This could allow them to install malware to obtain authentication data from authorized users, or gain access into the networks that these devices protect.
“Edge-based network control devices are especially attractive targets for attackers, so we expect continued interest in these kinds of devices by researchers and criminal attackers alike,” Baines wrote.
Read Rapid7’s full blog post for more details on the vulnerabilities.