SonicWall firewalls and other appliances are not impacted by VPNFilter.
SonicWall researchers are continuing to monitor developments surrounding VPNFilter and have so far confirmed that no SonicWall appliances are impacted by the malware. SonicWall customers are being advised that there is no need to reboot or take any action on any SonicWall appliance.
On May 23 2018, researchers at Cisco Talos published a report documenting a new sophisticated modular malware system known as VPNFilter.
More than 500,000 devices around the world are said to be infected with this malware – most of them are consumer internet routers from a range of different vendors.
Below is a list of routers Symantec identified as vulnerable to VPNFilter.
Linksys E1200
Linksys E2500
Linksys WRVS4400N
Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
Netgear DGN2200
Netgear R6400
Netgear R7000
Netgear R8000
Netgear WNR1000
Netgear WNR2000
QNAP TS251
QNAP TS439 Pro
Other QNAP NAS devices running QTS software
TP-Link R600VPN
"No other vendors, including Cisco, have been observed as infected by VPNFilter, but our research continues," according to Cisco Talos, which first reported the bug.
SonicWall researchers are continuing to monitor developments surrounding VPNFilter but have so far confirmed that no SonicWall appliances are impacted by the malware. SonicWall customers are being advised that there is no need to reboot or take any action on any SonicWall appliance.
If you use one of the routers that have been identified as vulnerable to VPNFIlter, we recommend following the directions issued by the manufacturer. The following is a list of security advisories and responses published by the companies impacted to date:
- QNAP
- MikroTik
- Netgear