April 2021
Update: April 29, 2021, 12:30 P.M. CST
SonicWall is announcing the availability of new firmware versions for both 10.x and 9.x code on the SMA 100 series products, comprised of SMA 200, 210, 400, 410 physical appliances and the SMA 500v virtual appliance.
Upgrade Steps
All organizations using SMA 10.x or SMA 9.x firmware should immediately implement the following: Upgrade to the latest SMA 100 series firmware available from www.mysonicwall.com. SMA 100 series 10.x customers should upgrade to 10.2.0.7-34sv firmware. SMA 100 series 9.x customers should
Through the course of standard collaboration and testing, SonicWall has verified, tested and published patches to mitigate three zero-day vulnerabilities to its hosted and on-premises email security products. In at least one known case, these vulnerabilities have been observed to be exploited ‘in the wild.’ It is imperative that organizations using SonicWall Email Security hardware appliances, virtual appliances or software installation on Microsoft Windows Server immediately upgrade to the respective SonicWall Email Security version listed belo
October 2020
The SonicWall Product Security Incident Response Team (PSIRT) collaborated with a third-party research firm to test, confirm and correct discovered vulnerabilities related to physical and virtual SonicWall next-generation firewall appliances. These findings included: In some cases, vulnerabilities allowed remote attackers to cause Denial of Service (DoS) attacks against a firewall, which may lead to an appliance crash. In some cases, there existed a cross-site scripting (XSS) vulnerability in the firewall's SSL-VPN portal as well as possible user
Knowledge Base
How Do I Configure The SSL-VPN Feature For Use With NetExtender Or Mobile Connect?
How Can I Enable Port Forwarding And Allow Access To A Server Through The SonicWall?
How Can I Configure WAN GroupVPN For Connecting With Global VPN Client?
How Can I Setup SSL-VPN?
L2TP VPN Configuration On Mac OS X
Pornographic Websites Not Blocked Due To "Not Rated" Categorization
How Do I Recover Or Reset The Administrator Password For A SonicWall Firewall Appliance?
How To Configure High Availability (HA)
SSL VPN Client Is Connected And Authenticated B
September 2020
There exists a potential domain name collision vulnerability in SonicWall SSL-VPN technology that could result from a security misconfiguration of the impacted products. SonicWall is not aware that the reported vulnerability has been exploited or that any customer has been negatively impacted by the vulnerability. A domain name collision occurs when an attempt to resolve a name used in a private namespace (e.g., under a non-delegated top-level domain, or a short, unqualified name) results in a query to the public Domain Name System (DNS). When th
A vulnerability in SonicWall’s cloud-based product registration system that was publicly reported by a media outlet was quickly researched, verified and promptly patched on August 26, 2020. Approximately two weeks earlier, SonicWall identified the reported vulnerability (SNWLID-2020-0005) as part of its PSIRT program, and rapidly created a fix that underwent full testing and certification. At no time did SonicWall detect, or become aware of, any attempted exploitation of the vulnerability in the cloud-based product registration system. The fix w
SonicWall Switches
SonicWall Switches offer multi-gigabit wired performance that lets you rapidly scale your branch networks through remote installation. Available in seven models — ranging from eight to 48 ports, with gigabit and 10 gigabit ethernet ports — SonicWall Switches deliver network switching that accommodates the growing number of mobile and IoT devices in branch locations and provides the network performance needed to support cloud-delivered applications. SonicWall Switches also fit seamlessly into your existing SonicWall ecosystem,
As of 2/13/2020, Chrome has updated to version 80.0.3987.106, which no longer causes issues with firewall management. In February 2020, Chrome released software version 80. In this version there were changes made to how cookies and JavaScript are handled. Due to this update, SonicWall firewalls using the self-signed certificate are not able to be managed. Firewalls that use a trusted certificate (for example a GoDaddy CA root) are not affected by this Chrome update. Our engineering teams are working on this issue to provide a resolution to customer
March 2020
SonicWall Web Application Firewall (WAF) reaches End-of-Sale February 1, 2020
SonicWall is initiating a worldwide End-of-Sale for the Web Application Firewall (WAF) product beginning on February 1, 2020. SonicWall will no longer actively develop or sell the product. Please see the Product Lifecycle Table for a full list of key dates regarding this product.
Why is SonicWall initiating End-of-Sale for the Web Application Firewall (WAF)?
We are working to create an integrated system that delivers faster protection, detection and correction. We a
What we know about the Critical Remote Code Execution Vulnerability (CVE-2019-1579)
Researchers have found several security flaws in popular corporate VPNs, which they say can be used to silently break into company networks and steal business secrets. According to https://techcrunch.com/2019/07/23/corporate-vpn-flaws-risk/ “Devcore researchers Orange Tsai and Meh Chang said the flaws found in the three corporate VPN providers — Palo Alto Networks, Pulse Secure and Fortinet — are ‘easy’ to remotely exploit.” Once the SSL VPN server is compromis
Active Retirement Mode Announcement
SonicWall is initiating the Active Retirement Mode (ARM) notification for the SonicWall NSA E6500. Active Retirement Mode is the second phase of the SonicWall End of Life process outlined at the end of this document. During this phase SonicWall will no longer actively manufacture or sell the products listed below. In addition, SonicWall may release a limited number of new features and will issue bug fixes only to the latest version of firmware available for the device. After the ARM phase ha
Researchers have found multiple defects including a Man-in-the-Middle (MITM) vulnerability in versions 1.0.1 and 1.0.2-beta of OpenSSL, the cryptographic software library. For detailed information on the Man-in-the-Middle and other vulnerabilities see the OpenSSL website.
SonicWall Firewalls and GMS Are Not Affected
SonicWall firewalls (TZ, NSA, E-Class NSA, SuperMassive) and Global Management System (GMS) are NOT affected by the vulnerabilities. Additionally, firewalls with an active Intrusion Prevention Service have, as of June 5, 2014, signa
06/01/2019 04:00AM UTC - 06/03/2019 11:00AM UTC
This is to notify that CSC-Management, Reporting and Analytics services for the North America region will be upgraded to v1.5 from May 31st, 9 pm to June 3rd, 4 am (PST). During this time, the services will experience downtime. Your firewall will remain active and you can log in to the firewall web GUI to access it. We apologize for the inconvenience and thank you for your patience. Note: During downtime, you can continue to manage firewalls by logging in to them directly. Please ensure that you have
05/17/2019 05:00PM UTC - 05/19/2019 05:00PM UTC
Please be aware that CSC-Management, Reporting and Analytics services for the Europe region will be upgraded to v1.5 from May 17th, 10 am to May 19th, 10 am (PST). During this time, the services will experience downtime. Your firewall will remain active and you can log in to the firewall web GUI to access it. Please contact SonicWall support for any assistance. We apologize for the inconvenience and thank you for your patience. Note: During downtime, you can continue to ma
On Thursday, April 11, researchers from the Carnegie Mellon University Software Engineering Institute published a global vulnerability regarding virtual private network (VPN) applications storing authentication and/or session cookies insecurely in memory and/or log files. At this time, SonicWall is not aware of any situation where a currently valid session token is written to log files outside of very specific debug configurations, which are being eliminated as a precaution to prevent any potential misuse. As such, SonicWall customers using IPSE
SonicWall previously announced that the SonicWall Enforced Client offerings (both McAfee and Kaspersky) are End of Life (EOL) and no longer available for purchase starting April 2018. McAfee also previously announced an EOL for the endpoint technology that was used; with Kaspersky it was a strategic decision to no longer sell the product due to government concerns raised by the product around data privacy. SonicWall now announces the End of Support dates for SonicWall Enforced Client as follows: January 11th 2019 – Limited Support for SonicWal