- SonicWall has updated a security advisory for a Secure Mobile Access flaw
- CISA has added the flaw to its KEV catalog
- FCEB agencies have three weeks to apply the patch
The US Cybersecurity and Infrastructure Security Agency (CISA) has added an old SonicWall vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, confirming that it is being exploited in the wild.
Consequently, Federal Civilian Executive Branch (FCEB) agencies have three weeks to install the fix or stop using the product altogether.
At the end of 2021, SonicWall published a security advisory warning its users of an improper neutralization vulnerability affecting several SonicWall Secure Mobile Access (SMA) appliances. At the time, the company said the bug could be used to crash vulnerable endpoints in a denial-of-service (DoS) attack. The company has now updated the advisory to warn of exploitation in the wild and to raise the flaw's severity score to high (7.2).
Exploited in the wild
“Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as a "" user, which could potentially lead to code execution,” SonicWall said.
The flaw affects the SMA 200, SMA 210, SMA 400, SMA 410 and SMA 500v (ESX, KVM, AWS, Azure).
At the same time, CISA added the bug to the KEV catalog, warning of exploitation in the wild. Although its Binding Operational Directive 22-01 (which obliges organizations to install the fix) applies only to government agencies, the private sector should take note whenever the KEV catalog gains a new entry.
“These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise,” CISA said.
In 2021, SonicWall suffered one of its most significant attacks ever, when a threat actor tracked as UNC2447 exploited an SQL injection vulnerability in the SMA100 appliance to gain unauthorized access to networks. After the breach, the attackers deployed the SombRAT backdoor and a ransomware variant dubbed FiveHands.
Via BleepingComputer