Details Released on SonicWall Flaws in SMA-100 Devices

The most serious of the five vulnerabilities disclosed today can lead to unauthenticated remote code execution on affected devices.

Dark Reading Staff, Dark Reading

January 11, 2022

1 Min Read

Details have been released on multiple vulnerabilities affecting the SonicWall Secure Mobile Access (SMA) 100 series of devices, which includes the SMA 200, 210, 400, 410, and 500v.

Rapid7 lead security researcher Jake Baines discovered and reported the flaws to SonicWall in Oct. 2021. SonicWall then published software updates and released fixes to customers and channel partners on Dec. 7. Users of the SonicWall SMA 100 series are urged to apply these updates as soon as possible.

"As these devices are designed to be exposed to the internet, the only effective remediation for these issues is to apply the vendor-supplied updates," Baines wrote in a blog post on his findings.

In his writeup, Baines said the most serious of these issues (CVE-2021-20038) can lead to unauthenticated remote code execution (RCE) on affected devices. By exploiting this vulnerability, an attacker could gain full control of the device or virtual machine running the SMA 100 series device. This could allow them to install malware to obtain authentication data from authorized users, or gain access into the networks that these devices protect.

"Edge-based network control devices are especially attractive targets for attackers, so we expect continued interest in these kinds of devices by researchers and criminal attackers alike," Baines wrote.

Read Rapid7's full blog post for more details on the vulnerabilities.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights