[German]Vendor SonicWall has issued a security notification for his product SonicWall Email Security. There are Zero-Day Vulnerabilities that put users of this product at risk.
Advertising
German blog reader Stefan A. has notified me a couple of hours ago via email and informed me about a warning (thanks for that), SonicWall has issued for users of SonicWall Email Security. Stefan wrote:
At the company I work for, we use SonicWall's email security, among other things. […}
If I interpret the CVEs correctly, the "entry" is probably via HTTP, which can be dangerous depending on the accessibility.
Perhaps you could issue another brief warning here on the blog, in case there's still the odd admin with on-prem SonicWall Email Security.
We have already applied the update on three machines and could not find anything negative after the short subsequent tests.
Stefan has send me a link to SonicWall's Security Notice: SonicWall Email Security Zero-Day Vulnerabilities, dated April 20, 2021. There SonicWall wrote:
Through the course of standard collaboration and testing, SonicWall has verified, tested and published patches to mitigate three zero-day vulnerabilities to its hosted and on-premises email security products.
In at least one known case, these vulnerabilities have been observed to be exploited 'in the wild.' It is imperative that organizations using SonicWall Email Security hardware appliances, virtual appliances or software installation on Microsoft Windows Server immediately upgrade to the respective SonicWall Email Security version listed below.
SonicWall Hosted Email Security (HES) was patched on April 19, 2021, and no action is required from organizations that are only using the hosted email security product.
Step-by-step guidance on how to apply the updates is available on an in-depth knowledgebase (KB) article.
