2nd SonicWall security update for SMA 100 vulnerability

[German]SonicWall has released a second firmware security update for its SMA 100 to close a 0-day vulnerability. Administrators should install this update immediately as the vulnerability is being exploited.


SonicWall had warned of a 0-day exploit actively being exploited to attack SonicWall Secure Mobile Access devices in the SMA 100 series in late January 2021. SonicWall had published this security alert on the subject as of February 1, 2021. There, a zero-day vulnerability in the SMA 100 series 10.x code was confirmed. SMA 100 firmware prior to 10.x is not affected by this zero-day vulnerability. I had reported that in the blog post Warning: 0-day exploit used to attack SonicWall SMA 100. A patch had been announced and shipped by the vendor for February 2, 2021 (see this article from Bleeping Computer).

Second update released

The colleagues from Bleeping Computer point out in the following tweet that SonicWall has released another firmware update to secure against the 0-day vulnerability in the code SMA 100 series.

 SonicWall SMA 100 firmware update

SonicWall has released the security advisory Additional SMA 100 Series 10.X And 9.X Firmware Updates Required [Updated Feb. 19, 2 P.M. CST]. It states:

Following up on the Feb. 3 firmware update outlined below, SonicWall is announcing the availability of new firmware versions for both 10.x and 9.x code on the SMA 100 series products, comprised of SMA 200, 210, 400, 410 physical appliances and the SMA 500v virtual appliance.

SonicWall conducted additional reviews to further strengthen the code for the SMA 100 series product line.

The new SMA 10.2 firmware includes:

  • Code-hardening fixes identified during an internal code audit
  • Rollup of customer issue fixes not included in the Feb. 3 patch
  • General performance enhancements
  • Previous SMA 100 series zero-day fixes posted on Feb. 3

The new 9.0 firmware includes:

  • Code-hardening fixes identified during an internal code audit

SMA 100 Series Devices with 10.x or 9.x Firmware that Require Upgrade:

  • Physical Appliances: SMA 200, SMA 210, SMA 400, SMA 410
  • Virtual Appliances: SMA 500v (Azure, AWS, ESXi, HyperV)

All organizations using SMA 100 series products with 10.x or 9.x firmware should apply the respective patches IMMEDIATELY.

If you already applied the SMA firmware posted on Feb 3., you still need to upgrade to SMA If you skipped the SMA firmware update from Feb. 3, you only need to apply the latest SMA firmware.

The security advisory contains detailed instructions on upgrading the SMA 9.x or SMA 10.x firmware.


Cookies helps to fund this blog: Cookie settings

This entry was posted in Security and tagged . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *