Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

SonicWall ‘strongly urges’ Customers to Patch Critical SMA 100 Bugs

SonicWall ‘strongly urges’ Customers to Patch Critical SMA 100 Bugs

SonicWall ‘strongly urges’ organizations using SMA 100 series appliances to immediately patch them against multiple security flaws rated with CVSS scores ranging from medium to critical.

The bugs (reported by Rapid7’s Jake Baines and NCC Group’s Richard Warren) impact SMA 200, 210, 400, 410, and 500v appliances even when the web application firewall (WAF) is enabled.

The highest severity flaws patched by SonicWall this week are CVE-2021-20038 and CVE-2021-20045, two critical Stack-based buffer overflow vulnerabilities that can let remote unauthenticated attackers execute as the ‘nobody’ user in compromised appliances.

Other bugs patched by the company on Tuesday enable authenticated threat actors to gain remote code execution, inject arbitrary commands, or upload crafted web pages and files to any directory in the appliance following successful exploitation.

Also Read: Data Centre Regulations Singapore: Does It Help To Progress?

However, the most dangerous one if left unpatched is CVE-2021-20039. This high severity security issue can let authenticated attackers inject arbitrary commands as the root user leading to a remote takeover of unpatched devices.

Luckily, SonicWall says that it hasn’t yet found any evidence of any of these security vulnerabilities being exploited in the wild.

CVESummaryCVSS Score
CVE-2021-20038Unauthenticated Stack-based Buffer Overflow9.8 High
CVE-2021-20039Authenticated Command Injection Vulnerability as Root7.2 High
CVE-2021-20040Unauthenticated File Upload Path Traversal Vulnerability6.5 Medium
CVE-2021-20041Unauthenticated CPU Exhaustion Vulnerability7.5 High
CVE-2021-20042Unauthenticated “Confused Deputy” Vulnerability6.3 Medium
CVE-2021-20043getBookmarks Heap-based Buffer Overflow8.8 High
CVE-2021-20044Post-Authentication Remote Code Execution (RCE)7.2 High
CVE-2021-20045Multiple Unauthenticated File Explorer Heap-based and Stack-based Buffer Overflows9.4 High

“SonicWall urges impacted customers to implement applicable patches as soon as possible,” the company says in a security advisory published Tuesday.

Customers using SMA 100 series appliances are advised to immediately log in to their MySonicWall.com accounts to upgrade the firmware to versions outlined in this SonicWall PSIRT Advisory.

Upgrade assistance on how to upgrade the firmware on SMA 100 appliances is available in this knowledgebase article or by contacting SonicWall’s support.

To put the importance of patching these security flaws into perspective, SonicWall SMA 100 appliances have been targeted by ransomware gangs multiple times since the start of 2021.

Also Read: What Is A Governance Framework? The Importance And How It Works

For instance, Mandiant said in April that the CVE-2021-20016 SMA 100 zero-day was exploited to deploy a new ransomware strain known as FiveHands starting with January when it was also used to target SonicWall’s internal systems. Before patches were released in late February 2021, the same bug was abused indiscriminately in the wild.

In July, SonicWall also warned of the increased risk of ransomware attacks targeting unpatched end-of-life SMA 100 series and Secure Remote Access products. However, CrowdStrike, Coveware security researchers, and CISA warned that SonicWall appliances were already targeted by HelloKitty ransomware.

SonicWall’s products are used by over 500,000 business customers from 215 countries and territories worldwide, many deployed on the networks of the world’s largest companies and government agencies.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us