SonicWall has patched a critical security flaw impacting several Secure Mobile Access (SMA) 100, 200, 210, 400, 410, 500v series products tracked as CVE-2021-20034 that can let unauthenticated attackers remotely gain admin access on targeted devices.
There are no temporary mitigations to remove the attack vector, and SonicWall strongly urges impacted customers to deploy security updates that address the flaw as soon as possible.
Successful exploitation can let attackers delete arbitrary files from unpatched SMA 100 secure access gateways to reboot to factory default settings and potentially gain administrator access to the device. The vulnerability is due to an improper limitation of a file path to a restricted directory potentially leading to arbitrary file deletion as nobody
SonicWall SMA 100 series appliances have been targeted by ransomware gangs multiple times since the start of 2021, with the end goal of moving laterally into the target organization’s network
SonicWall recently said that its products are used by more than 500,000 business customers in over 215 countries and territories worldwide. Many of them are deployed on the networks of the world’s largest organizations, enterprises, and government agencies.