Security News > 2021 > July > SonicWall Warns Firewall Hardware Bugs Under Attack

SonicWall Warns Firewall Hardware Bugs Under Attack
2021-07-15 15:41

Security vendor SonicWall is warning customers to patch its enterprise secure VPN hardware to thwart an "Imminent ransomware campaign using stolen credentials" that's exploiting security holes in current models and those running legacy firmware.

In a Thursday security notice, the company reported that researchers at Mandiant identified "Threat actors actively targeting" three SMA 100 models and nine older SRA-series secure VPN products no longer supported by SonicWall.

Researchers there asserted that Thursday's SonicWall security notice is part of an ongoing exploitation of a vulnerability, which they disclosed last month.

"CrowdStrike Services incident-response teams identified eCrime actors leveraging an older SonicWall VPN vulnerability, CVE-2019-7481, that affects Secure Remote Access 4600 devices; the ability to leverage the vulnerability to affect SRA devices was previously undisclosed by SonicWall," it wrote.

"If your organization is using a legacy SRA appliance that is past end-of life status and cannot update to 9.x firmware, continued use may result in ransomware exploitation," SonicWall said.

"Even though the footprint of impacted or unpatched devices is relatively small, SonicWall continues to strongly advise organizations to patch supported devices or decommission security appliances that are no longer supported, especially as it receives updated intelligence about emerging threats. The continued use of unpatched firmware or end-of-life devices, regardless of vendor, is an active security risk."


News URL

https://threatpost.com/sonicwall-firewall-bugs-attack/167824/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2019-12-17 CVE-2019-7481 SQL Injection vulnerability in Sonicwall SMA 100 Firmware 9.0.0.0/9.0.0.3
Vulnerability in SonicWall SMA100 allow unauthenticated user to gain read-only access to unauthorized resources.
network
low complexity
sonicwall CWE-89
5.0

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Sonicwall 131 6 91 46 32 175