SonicWall has released patches to fix eight vulnerabilities in its Secure Mobile Access (SMA) 100 series appliances, including two critical flaws. Vulnerable SMA 100 series remote access appliances include the SonicWall SMA 200, 210, 400, 410, and 500v secure access gateway products, and SMA 100 series appliances with the Web Application Firewall (WAF) enabled.
The most dangerous vulnerabilities are two buffer overflow bugs tracked as CVE-2021-20038 and CVE-2021-20045 which could be exploited by a remote attacker to execute arbitrary code. CVE-2021-20038 is an unauthenticated stack-based buffer overflow bug with a CVSS score of 9.8 out of 10, and CVE-2021-20045 covers multiple unauthenticated file explorer heap-based and stack-based buffer overflow bugs and has been assigned a CVSS score of 9.4 out of 10.
CVE-2021-20043 is a high-severity (CVSS score: 8.8) getBookmarks heap-based buffer overflow vulnerability that can be remotely exploited to execute arbitrary code, although an attacker would need to be authenticated. The remaining vulnerabilities are CVE-2021-20041 – an unauthenticated CPU exhaustion vulnerability (CVSS score 7.5); CVE-2021-20039 – an authenticated command injection vulnerability (CVSS score 7.2); CVE-2021-20044 – a post-authentication remote code execution vulnerability(CVSS score 7.2); CVE-2021-20040 – an unauthenticated file upload path traversal vulnerability (CVSS score 6.5); and CVE-2021-20042 – an unauthenticated confused deputy vulnerability (CVSS score 6.3).
SonicWall says it is unaware of any cases of the vulnerabilities being exploited in the wild; however, these vulnerabilities will be attractive to cyber threat actors and are likely to be exploited if the updates are not applied. Vulnerable SonicWall SMA devices have been targeted in the past by threat actors to deliver ransomware.
SonicWall is encouraging all users of SMA 100 series remote access appliances to apply the updates as soon as possible. The updated firmware can be downloaded by logging in at MySonicWall.com. There are no temporary mitigations that can be applied to reduce the risk of exploitation.