SONICWALL SMA 100 SERIES ZERO-DAY VULNERABILITIES ANNOUNCED

On Friday, Jan. 22, 2021, SonicWALL announced it had identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable zero-day vulnerabilities on the SMA 100 Series appliances. The investigation is ongoing.

What It Is:

Current SMA 100 Series users may continue to safely use NetExtender for remote access with the SMA 100 Series. SonicWALL has determined that this use case is not susceptible to exploitation.

The SMA 100 is a gateway for small- and medium-sized businesses that lets authorized users access resources remotely. SMA 100 also gives system administrators visibility into remote devices that are connecting to the corporate network – and grants endpoints access based on corporate policies.

Read the original SonicWALL Urgent Security Notice.

Systems Affected:

• The SMA 100 Series (SMA 200, SMA 210, SMA 400, SMA 410, SMA 500v)

Risk:

Government:

• Large and medium government entities: High
• Small government entities: High

Businesses:

• Large and medium business entities: High
• Small business entities: High

Home users: Low

What It Means:

What To Do:

We recommend the following action be taken:

• Enable two-factor authentication (2FA) on the SMA 100 Series appliances.
• Administrators may also consider the following to further secure access to these devices:
  • Enable Geo-IP/botnet filtering and create a policy blocking web traffic from countries that do not need to access your applications.
  • Enable and configure End Point Control (EPC) to verify a user’s device before establishing a connection.
  • Restrict access to the portal by enabling Scheduled Logins/Logoffs.

Negative Consequences of Lost or Stolen Data:

The loss or theft of proprietary data can have severe impacts, particularly if the compromise becomes public and sensitive information is exposed. Possible impacts include:

• Temporary or permanent loss of sensitive or proprietary information.
• Disruption to regular operations.
• Financial losses incurred to restore systems and files.
• Potential harm to an organization’s reputation.

Should your agency or business need assistance with issues arising from SonicWALL SMA 100 Series appliances including updates and/or patches, Dox can help. Please contact Dox if there is anything we can do to assist in securing your agency, business, or organization.

Thank you for your time and stay safe online.