UPDATE: SonicWall has told TechRadar Pro that, following investigations, its NetExtender VPN client was not impacted by the flaw. Its SonicWall Firewalls, SMA 1000 Series and SonicWave Access Points were also unaffected, however the SMA 100 Series is still under investigation.
ORIGINAL STORY: Cybersecurity solutions provider SonicWall has warned customers that a zero-day vulnerability has been found affecting several of its VPN products, but that following an investigation, many were actually unaffected.
“We believe it is extremely important to be transparent with our customers, our partners and the broader cybersecurity community about the ongoing attacks on global business and government,” an urgent SonicWall security advisory read (opens in new tab). “Recently, SonicWall identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable zero-day vulnerabilities on certain SonicWall secure remote access products.”
SonicWall had initially said two of its products were affectd: NetExtender VPN client version 10.x (released in 2020), and Secure Mobile Access (SMA) version 10.x running on SMA 200, SMA 210, SMA 400, SMA 410 physical appliances and the SMA 500v virtual appliance.
- Check out our roundup of the best endpoint protection (opens in new tab) software
- Here's our list of the best business VPNs (opens in new tab) available
- We've also highlighted the best antivirus (opens in new tab) software
In addition to the affected products listed, SonicWall has indicated that it is still investigating whether the SMA 100 Series is at risk from the VPN vulnerability. The company can confirm, however, that all generations of SonicWall firewalls are safe to use, and that the NetExtender VPN Client, the SMA 1000 Series, the SonicWall SonicWave APs also remain unaffected.
SonicWall has also listed a number of mitigation strategies that customers can employ to protect themselves against the recently discovered zero-day. This includes enabling multi-factor authentication on impacted devices and restricting access to whitelisted IP addresses.
With VPN usage on the rise, even before the COVID-19 pandemic forced more employees to work remotely, cyberattackers have begun expending their efforts to hack popular VPN solutions. In addition to the SonicWall flaw, security issues have recently been found affecting devices made by Zyxel (opens in new tab) and SaferVPN (opens in new tab).
- We've also put together a list of the best VPN (opens in new tab) solutions available
Via Bleeping Computer (opens in new tab)