SonicWall Releases Security Update for SSLVPN SMA1000 Series Appliances

SonicWall strongly urges organisations to apply security updates to remediate against three vulnerabilities

Threat ID:: CC-4092
Threat Severity:: Information only
Published:: 16 May 2022 1:33 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

SonicWall strongly urges organisations to apply security updates to remediate against three vulnerabilities

Affected platforms

The following platforms are known to be affected:

Versions: 12.4.0, 12.4.1

SonicWall Secure Mobile Access (SMA) 1000 Series

Impacted SSLVPN SMA 1000 Series platforms:

6200
6210
7200
7210
8000v (ESX, KVM, Hyper-V, AWS, Azure)

Threat details

Introduction

SonicWall has released security updates for three vulnerabilities in SSLVPN Secure Mobile Access (SMA) 1000 Series appliances. These vulnerabilities include improper access control, use of hard-coded cryptographic key, and URL redirection to untrusted site.

An unauthenticated remote attacker could exploit some of these vulnerabilities to take control of a system.

Remediation advice

Affected organisations are encouraged to review the SonicWall security advisory SNWLID-2022-0009 and SMA 1000 Series Unauthenticated Access Control Bypass security notification page and apply the relevant updates.

Definitive source of threat updates

CVE Vulnerabilities

Status Published

CVE-2022-22282

SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions incorrectly restricts access to a resource using HTTP connections from an unauthorized actor leading to Improper Access Control vulnerability.

Status Published

CVE-2022-1701

SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions uses a shared and hard-coded encryption key to store data.

Status Published

CVE-2022-1702

SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions accept a user-controlled input that specifies a link to an external site and uses that link in a redirect which leads to Open redirection vulnerability.

Last edited: 16 May 2022 1:42 pm