Security News > 2021 > July > SonicWall warns of 'critical' ransomware risk to SMA 100 VPN appliances

SonicWall warns of 'critical' ransomware risk to SMA 100 VPN appliances
2021-07-14 15:39

SonicWall has issued an "Urgent security notice" warning customers of ransomware attacks targeting unpatched end-of-life Secure Mobile Access 100 series and Secure Remote Access products.

"Through the course of collaboration with trusted third parties, SonicWall has been made aware of threat actors actively targeting Secure Mobile Access 100 series and Secure Remote Access products running unpatched and end-of-life 8.x firmware in an imminent ransomware campaign using stolen credentials," the company said.

"Organizations that fail to take appropriate actions to mitigate these vulnerabilities on their SRA and SMA 100 series products are at imminent risk of a targeted ransomware attack," SonicWall warns.

Companies still using EoL SMA and/or SRA devices with 8.x firmware are urged to update the firmware immediately or disconnect the appliances as soon as possible to fend off the critical risk of ransomware attacks.

In April, threat actors also exploited a zero-day bug in SonicWall SMA 100 Series VPN appliances to deploy a new ransomware strain known as FiveHands on the networks of North American and European targets.

This threat group, tracked by Mandiant as UNC2447, exploited the CVE-2021-20016 SonicWall vulnerability to breach systems and deliver FiveHands ransomware payloads before SonicWall released patches in late February 2021.


News URL

https://www.bleepingcomputer.com/news/security/sonicwall-warns-of-critical-ransomware-risk-to-sma-100-vpn-appliances/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-02-04 CVE-2021-20016 SQL Injection vulnerability in Sonicwall products
A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information.
network
low complexity
sonicwall CWE-89
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Sonicwall 113 0 41 74 38 153
SMA 42 0 0 8 8 16