SonicWall confirms ‘critical’ vulnerabilty in SMA 100 devices

A week after warning IT departments of a possible problem with its SMA 100 devices, SonicWall has confirmed a ‘critical’ fault in its firmware.

Yesterday afternoon, the company issued a statement saying it has confirmed a zero-day vulnerability on SMA 100 series units running version 10.x code. The vulnerability affects both physical and virtual SMA 100 10.x devices including the SMA 200, SMA 210, SMA 400, SMA 410, SMA 500v.

SMA 100 firmware prior to 10.x is unaffected. A patch is expected by the end of today.

In the meantime SonicWall said customers have the following options:

    • If you must continue operation of the SMA 100 Series appliance until a patch is available
      • Enable multifactor authentication.  The company said is is “crucial” until the patch is available’
      • Reset user passwords for accounts that utilized the SMA 100 series with 10.X firmware
    • If the SMA 100 series (10.x) is behind a firewall, block all access to the SMA 100 on the firewall;
    • Shut down the SMA 100 series device (10.x) until a patch is available; or
    • Load firmware version 9.x after a factory default settings reboot.  If this is chosen the 10.x settings must be backed up. SonicWall says direct downgrade of firmware 10.x to 9.x with settings intact is not supported.  Users must first reboot the device with factory defaults and then either load a backed up 9.x configuration or reconfigure the SMA 100 from scratch. It also says administrators should follow multifactor authentication best practice security guidance if you choose to install 9.x.

SonicWall firewalls and SMA 1000 series appliances, as well as all respective VPN clients, are unaffected and remain safe to use.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Related Tech News

CDN in your inbox

CDN delivers a critical analysis of the competitive landscape detailing both the challenges and opportunities facing solution providers. CDN's email newsletter details the most important news and commentary from the channel.