Critical vulnerability in SonicWall firewall software

Sicherheit (Pexels, allgemeine Nutzung)[German]Swizz blog reader Adrian has forwarded an alerted me to about a critical vulnerability in the Sonicwall firewall web management interface (thanks for that). The vulnerability affects both physical and virtual firewalls from SonicWall. The vendor strongly advises its customers to apply the appropriate SonicOS patch immediately.


Advertising

In a security advisory dated June 14, 2021, SonicWall points out a SonicOS vulnerability in the firewall's web management interface. The vendor writes:

SonicWall physical and virtual firewalls running certain versions of SonicOS may contain a vulnerability that could be leveraged for an unauthenticated Denial-of-Service (DoS) attack by sending a specially crafted POST request to the web interface. 

The vulnerability requires that web management is enabled on the WAN/LAN interface and assumes an active management session is in progress. For example, an administrator is logged in to the web interface or Global Management System (GMS) / Network Security Manager (NSM) are configured to manage the firewall over HTTPS on the WAN interface.

Other GMS/NSM management modes listed below are not affected if WAN management on the firewall is disabled. The SSL VPN portal on the firewall, Virtual Office, is NOT affected.

Currently, there is no indication that the discovered vulnerability is being exploited in the wild. SonicWall STRONGLY advises its customers to apply the appropriate SonicOS patch immediately. The details of the update can be found in this security sdvisory.

Until the patches listed in the support article can be applied, SonicWall strongly recommends that administrators limit SonicOS management access to trusted sources (and/or disable management access from untrusted Internet sources) by modifying existing SonicOS management access rules (SSH/HTTPS/HTTP management). This will only allow management access from trusted source IP addresses.


Advertising

This entry was posted in devices, Security, Software, Update and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).