SonicWall is announcing the availability of new firmware versions for both 10.x and 9.x code on SMA 100 series products, comprised of SMA 200, 210, 400, 410 physical appliances and the SMA 500v virtual appliance.
All organizations using SMA 100 series 10.x or 9.x firmware should apply the respective patches IMMEDIATELY.
Please review the updated KB article for the latest firmware version numbers and follow detailed steps on how to upgrade:
https://www.sonicwall.com/support/product-notification/210122173415410/
Please continue to monitor the specified knowledgebase (KB) article for the latest information.
SonicWall is announcing the availability of a critical firmware update to patch a zero-day vulnerability on SMA 100 series 10.x code.
All SonicWall customers with active SMA 100 series devices running 10.x code should immediately apply the patch on physical and virtual appliances. The patch also contains additional code to strengthen the device.
Organizations should read the KB article in its entirety as it outlines how to upgrade to the latest SMA 100 series 10.x firmware via MySonicWall and provides important details in post-upgrade steps.
SMA 100 Series Devices that Require Patch
As previously stated, SonicWall firewalls and SMA 1000 series appliances, as well as all respective VPN clients, are unaffected and remain safe to use. No action for these products is required.
Please continue to monitor the specified knowledgebase (KB) article for the latest information: https://www.sonicwall.com/support/product-notification/210122173415410/
SonicWall has confirmed a zero-day vulnerability on SMA 100 series 10.x code. SMA 100 firmware prior to 10.x is unaffected by this zero-day vulnerability.
On Sunday, January 31, 2021, the NCC Group alerted the SonicWall Product Security Incident Response Team (PSIRT) about a potential zero-day vulnerability in the SMA 100 series. Our engineering team confirmed their submission as a critical zero-day in the SMA 100 series 10.x code.
SonicWall believes it is extremely important to be transparent with our customers, our partners and the broader cybersecurity community and we are working around the clock to deliver a patch that will address the problem.
This vulnerability affects both physical and virtual SMA 100 10.x devices (SMA 200, SMA 210, SMA 400, SMA 410, SMA 500v). A few thousand devices are impacted.
While SonicWall works to develop, test and release the patch, organizations should follow the updated guidance located here: https://www.sonicwall.com/support/product-notification/210122173415410/
SonicWall firewalls and SMA 1000 series appliances, as well as all respective VPN clients, are unaffected and remain safe to use.
SonicWall believes it is extremely important to be transparent in providing the latest information to our customers, partners and the broader cybersecurity community about the ongoing attacks on global business and government.
As an update to previous communication, SonicWall engineering teams continued their investigation into probable zero-day vulnerabilities and have produced the following update regarding the impacted products:
For additional details, guidance and product usage, customers may reference the KB article, which we will continue to update throughout our investigation.
SonicWall fully understands the challenges previous guidance had in a work-from-home environment, but the communicated steps were measured and purposeful in ensuring the safety and security of our global community of customers and partners.
SonicWall provides cybersecurity products, services and solutions that are designed to help keep organizations safe from increasingly sophisticated cyber threats. As the front line of cyber defense, we have seen a dramatic surge in cyberattacks on governments and businesses, specifically on firms that provide critical infrastructure and security controls to those organizations.
We believe it is extremely important to be transparent with our customers, our partners and the broader cybersecurity community about the ongoing attacks on global business and government.
Recently, SonicWall identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable zero-day vulnerabilities on certain SonicWall secure remote access products. The impacted products are:
The NetExtender VPN client and SMB-oriented SMA 100 series are used for providing employees/users with remote access to internal resources.
We are providing mitigation recommendations to our channel partners and customers. For further guidance, please visit: https://www.sonicwall.com/support/product-notification/210122173415410/. We will continue to update this knowledge base (KB) article as more information is available.
Share This Article
An Article By
An Article By
SonicWall Staff
SonicWall Staff