Security News > 2021 > September > SonicWall fixes critical bug allowing SMA 100 device takeover

SonicWall has patched a critical security flaw impacting several Secure Mobile Access 100 series products that can let unauthenticated attackers remotely gain admin access on targeted devices.

The SMA 100 series appliances vulnerable to attacks targeting the improper access control vulnerability tracked as CVE-2021-20034 includes SMA 200, 210, 400, 410, and 500v. There are no temporary mitigations to remove the attack vector, and SonicWall strongly urges impacted customers to deploy security updates that address the flaw as soon as possible.

SonicWall asked organizations using SMA 100 series appliances to immediately log in to MySonicWall.com to upgrade the appliances to the patched firmware versions outlined in the table embedded below.

SonicWall SMA 100 series appliances have been targeted by ransomware gangs multiple times since the start of 2021, with the end goal of moving laterally into the target organization's network.

A threat group Mandiant tracks as UNC2447 exploited the CVE-2021-20016 zero-day bug in SonicWall SMA 100 appliances to deploy a new ransomware strain known as FiveHands.

Two months ago, in July, SonicWall warned of an increased risk of ransomware attacks targeting unpatched end-of-life SMA 100 series and Secure Remote Access products.

News URL

https://www.bleepingcomputer.com/news/security/sonicwall-fixes-critical-bug-allowing-sma-100-device-takeover/