Skip to main content

SonicWall Releases Security Update for SSLVPN SMA1000 Series Appliances

SonicWall strongly urges organisations to apply security updates to remediate against three vulnerabilities

Report a cyber attack: call 0300 303 5222 or email carecert@nhsdigital.nhs.uk

Summary

SonicWall strongly urges organisations to apply security updates to remediate against three vulnerabilities


Threat details

Introduction

SonicWall has released security updates for three vulnerabilities in SSLVPN Secure Mobile Access (SMA) 1000 Series appliances. These vulnerabilities include improper access control, use of hard-coded cryptographic key, and URL redirection to untrusted site.

An unauthenticated remote attacker could exploit some of these vulnerabilities to take control of a system.


Remediation advice

Affected organisations are encouraged to review the SonicWall security advisory SNWLID-2022-0009 and  SMA 1000 Series Unauthenticated Access Control Bypass security notification page and apply the relevant updates.



Last edited: 16 May 2022 1:42 pm