-
Products
-
Gen 7 Firewalls
SonicWall's Gen 7 platform-ready firewalls offer performance with stability and superior threat protection — all at an industry-leading TCO.
Read More
-
-
Solutions
-
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn MoreFederalProtect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn More - Industries
- Use Cases
-
-
Partners
-
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
Learn MorePartner PortalAccess to deal registration, MDF, sales and marketing tools, training and more
Learn More - SonicWall Partners
- Partner Resources
-
-
Support
-
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn MoreSupport PortalFind answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn More - Support
- Resources
- Capture Labs
-
- Company
- Contact Us
Product Notice: SMA 1000 Series affected by Remote Code Execution in SSH vulnerability
First Published:07/30/2024
Last Updated:07/30/2024
Overview
- CVE-2024-6387: Remote Code Execution Vulnerability
- CVSS Score: 8.1
SonicWall Secure Mobile Access 12.4.3, including earlier versions are installed with OpenSSH’s server (sshd). A security regression was recently discovered which can lead sshd to handle some signals in an unsafe manner.
Impact: Successfully leveraging CVE-2024-6387 against Secure Mobile Connect could result in an unauthenticated remote attacker gaining root access to the device. It should be noted however, this vulnerability has only been verified against 32-bit systems. While it may be theoretically possible to exploit a 64-bit system, it is much more difficult. So much so that there has been no successful demonstration of this exploit against a 64-bit system thus far at the time of this article’s writing.
IMPORTANT: SonicWall is not aware of active exploitation in the wild. There have not been any reports of malicious use of this vulnerability reported to SonicWall.
Product Impact
Please review the table below to see the products and their versions that are impacted:
| Impacted Product(s) | Impacted OS | Impacted Versions |
| SMA 1000 (all models) | Linux | 12.4.3 and earlier versions |
Mitigation
Because this vulnerability depends on an SSH session to exploit, SonicWall highly recommends disabling or restricting the IP addresses listed as Remote Hosts. Disabling SSH entirely thus prevents any access to SSH and therefore fully mitigates this vulnerability.
See KB article: Enabling SSH Access from Remote Hosts
Remediation
| Impacted Product(s) | Impacted OS | Impacted Versions | Fixed Version |
| SMA 1000 (all models) | Linux | 12.4.3 and earlier versions | 12.4.3-02676 (July Hotfix) |
SonicWall strongly advises Secure Mobile Access customers to upgrade to the latest release version.
Related information
Follow Us
© 2024 SonicWall. All Rights Reserved.