SonicWall hit by another major security issue

(Image credit: Pixabay)

UPDATE: SonicWall has told TechRadar Pro that, following investigations, its NetExtender VPN client was not impacted by the flaw. Its SonicWall Firewalls, SMA 1000 Series and SonicWave Access Points were also unaffected, however the SMA 100 Series is still under investigation.

ORIGINAL STORY: Cybersecurity solutions provider SonicWall has warned customers that a zero-day vulnerability has been found affecting several of its VPN products, but that following an investigation, many were actually unaffected.

“We believe it is extremely important to be transparent with our customers, our partners and the broader cybersecurity community about the ongoing attacks on global business and government,” an urgent SonicWall security advisory read. “Recently, SonicWall identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable zero-day vulnerabilities on certain SonicWall secure remote access products.”

SonicWall had initially said two of its products were affectd: NetExtender VPN client version 10.x (released in 2020), and Secure Mobile Access (SMA) version 10.x running on SMA 200, SMA 210, SMA 400, SMA 410 physical appliances and the SMA 500v virtual appliance.

Mitigation strategies

In addition to the affected products listed, SonicWall has indicated that it is still investigating whether the SMA 100 Series is at risk from the VPN vulnerability. The company can confirm, however, that all generations of SonicWall firewalls are safe to use, and that the NetExtender VPN Client, the SMA 1000 Series, the SonicWall SonicWave APs also remain unaffected.

SonicWall has also listed a number of mitigation strategies that customers can employ to protect themselves against the recently discovered zero-day. This includes enabling multi-factor authentication on impacted devices and restricting access to whitelisted IP addresses.

With VPN usage on the rise, even before the COVID-19 pandemic forced more employees to work remotely, cyberattackers have begun expending their efforts to hack popular VPN solutions. In addition to the SonicWall flaw, security issues have recently been found affecting devices made by Zyxel and SaferVPN.

  • We've also put together a list of the best VPN solutions available

Via Bleeping Computer

Barclay Ballard

Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services.  After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.