SonicWall SSL-VPN SMA100 version 10.X is affected by multiple vulnerabilities

First Published: 12/04/2023  Last Updated: 12/04/2023

Overview

  • CVE-2023-44221: Post Authentication OS Command Injection Vulnerability (CVSS Score: 7.2)
    Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands, which are executed as the 'nobody' user.
    Impact: Successfully leveraging CVE-2023-44221 against impacted SMA 100 devices can result in a post-authenticated remote attacker with administrative privilege injecting arbitrary commands, which can lead to OS command execution on the appliance.
  • CVE-2023-5970: Post Authentication External User MFA Bypass Vulnerability (CVSS Score: 6.3)
    Improper authentication in the SMA100 SSL-VPN virtual office portal allows a remote authenticated attacker to create an identical external domain user, resulting in an MFA bypass.
    Impact: Successfully leveraging CVE-2023-5970 against impacted SMA 100 devices can result in a post-authenticated remote attacker bypassing the SMA100 MFA feature, which can lead to access to the globally defined SSL-VPN portal bookmarks and resources on the appliance.

IMPORTANT: SonicWall is not aware of active exploitation in the wild. No reports of malicious use of these vulnerabilities have been made to SonicWall.

Product Impact

Please review the table below to see if your SMA appliance is impacted. If your appliance is using an impacted firmware version, please follow the provided patch guidance.

Impacted Product(s) | Impacted Platform                            | Impacted Versions
SMA 100 Series      | SMA 200, SMA 210, SMA 400, SMA 410, SMA 500v | 10.2.1.9-57sv and earlier versions

Remediation

Product        | Impacted Platforms                           | Impacted Version                   | Fixed Version
SMA 100 Series | SMA 200, SMA 210, SMA 400, SMA 410, SMA 500v | 10.2.1.9-57sv and earlier versions | 10.2.1.10-62sv and higher versions
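The two version boundaries in the remediation table are easy to misjudge by eye or with a plain string comparison (10.2.1.10 sorts before 10.2.1.9 as text). The following is an added example, not part of the SonicWall advisory, that parses SMA 100 firmware strings of the form shown on this page (dotted release, dash, build number, "sv") and classifies each appliance as impacted, fixed, or in a gap the advisory does not address. The hostnames and every version other than the two advisory boundaries in the sample inventory are constructed for illustration.

```python
import re
from typing import Dict, Iterable, Tuple

# Boundaries exactly as stated in the advisory's remediation table.
IMPACTED_MAX = "10.2.1.9-57sv"   # this version "and earlier" are impacted
FIXED_MIN = "10.2.1.10-62sv"     # this version "and higher" contain the fix

# SMA 100 firmware versions look like "10.2.1.9-57sv":
# dotted release, dash, build number, literal "sv".
_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)+)-(\d+)sv$")

Version = Tuple[Tuple[int, ...], int]


def parse_sma_version(version: str) -> Version:
    """Split 'a.b.c.d-NNsv' into ((a, b, c, d), NN) so it compares numerically.

    A plain string comparison would rank 10.2.1.10 below 10.2.1.9; comparing
    tuples of ints gets the order right.
    """
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognized SMA 100 firmware version: {version!r}")
    release = tuple(int(part) for part in m.group(1).split("."))
    build = int(m.group(2))
    return release, build


def classify(version: str) -> str:
    """Classify one firmware version against the advisory's two boundaries.

    Returns 'impacted', 'fixed', 'unknown' (a version between the two stated
    boundaries, which the advisory does not mention) or 'out of scope'
    (not a 10.x release, which this advisory does not cover).
    """
    parsed = parse_sma_version(version)
    if parsed[0][0] != 10:
        return "out of scope"
    if parsed <= parse_sma_version(IMPACTED_MAX):
        return "impacted"
    if parsed >= parse_sma_version(FIXED_MIN):
        return "fixed"
    return "unknown"


# Constructed inventory for illustration; hostnames and the versions other
# than the two advisory boundaries are made up, not real deployments.
SAMPLE_INVENTORY = [
    ("sma410-hq", "10.2.1.9-57sv"),
    ("sma500v-lab", "10.2.1.10-62sv"),
    ("sma210-branch", "10.2.0.8-37sv"),
    ("sma400-dr", "10.2.1.12-90sv"),
    ("sma200-legacy", "9.0.0.10-28sv"),
]


def triage(inventory: Iterable[Tuple[str, str]]) -> Dict[str, str]:
    """Map each appliance hostname to its classification."""
    return {host: classify(ver) for host, ver in inventory}


if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:<16} {status}")
```

Anything classified "unknown" sits between the highest version the advisory lists as impacted and the lowest it lists as fixed; treat it as impacted until SonicWall's guidance says otherwise, and upgrade to 10.2.1.10-62sv or higher.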

Related information