security Issue
UPDATE: SonicWall has told TechRadar Pro that, following investigations, its NetExtender VPN client was not impacted by the flaw. Its SonicWall Firewalls, SMA 1000 Series and SonicWave Access Points were also unaffected, however the SMA 100 Series is still under investigation.

ORIGINAL STORY: Cybersecurity solutions provider SonicWall has warned customers that a zero-day vulnerability has been found affecting several of its VPN products, but that following an investigation, many were actually unaffected.

“We believe it is extremely important to be transparent with our customers, our partners and the broader cybersecurity community about the ongoing attacks on global business and government,” an urgent SonicWall security advisory read. “Recently, SonicWall identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable zero-day vulnerabilities on certain SonicWall secure remote access products.”

SonicWall had initially said two of its products were affectd: NetExtender VPN client version 10.x (released in 2020), and Secure Mobile Access (SMA) version 10.x running on SMA 200, SMA 210, SMA 400, SMA 410 physical appliances and the SMA 500v virtual appliance.

Mitigation strategies

In addition to the affected products listed, SonicWall has indicated that it is still investigating whether the SMA 100 Series is at risk from the VPN vulnerability. The company can confirm, however, that all generations of SonicWall firewalls are safe to use, and that the NetExtender VPN Client, the SMA 1000 Series, the SonicWall SonicWave APs also remain unaffected.

SonicWall has also listed a number of mitigation strategies that customers can employ to protect themselves against the recently discovered zero-day. This includes enabling multi-factor authentication on impacted devices and restricting access to whitelisted IP addresses.

With VPN usage on the rise, even before the COVID-19 pandemic forced more employees to work remotely, cyberattackers have begun expending their efforts to hack popular VPN solutions. In addition to the SonicWall flaw, security issues have recently been found affecting devices made by Zyxel and SaferVPN.


RhynoGUARD MDR – Complete Peace of Mind

RhynoGUARD™ MDR goes beyond traditional MSSP or IR services to provide a continuous end-to-end approach that detects malicious threats earlier, provides comprehensive analysis faster, and delivers actionable guidance for future prevention based on intelligence gained every time.

But, What it is MDR?

This website uses cookies to improve your online experience. By continuing, we will assume that you are agreeing to our use of cookies. For more information, visit our Cookie Policy.

Privacy Preference Center