I. Overview

A security team has recently disclosed a severe zero-day vulnerability in SonicWall Secure Mobile Access (SMA). An unauthenticated attacker can exploit a critical SQL injection in SonicWall SMA to access login credentials (usernames and passwords) as well as session information that could then be used to log in to the vulnerable SMA appliance.

SonicWall SMA is a VPN software developed by SonicWall. If you are an SMA user, check your service version and implement timely security hardening.

For more information about this vulnerability, visit the following website:

https://zh-cn.tenable.com/blog/cve-2021-20016-zero-day-vulnerability-in-sonicwall-secure-mobile-access-sma-exploited?tns_redirect=true

II. Severity

Severity: important

(Severity: low, moderate, important, and critical)

III. Affected Products

Affected versions:

SMA physical version before 10.2.0.5-d-29sv

Secure versions:

SMA physical version 10.2.0.5-d-29sv

IV. Vulnerability Handling

This vulnerability has been fixed in the latest official version. If your service version falls into the affected range, upgrade it to the secure version.

https://www.sonicwall.com/support/product-notification/urgent-patch-available-for-sma-100-series-10-x-firmware-zero-day-vulnerability-updated-feb-3-2-p-m-cst/210122173415410/

Temporary workarounds:

1. Enable multi-factor authentication (MFA).

2. Enable built-in Web Application Firewall (WAF).

3. Reset passwords for all the users who may have logged in through the web UI.

HUAWEI CLOUD WAF can defend against these vulnerabilities. If you are a WAF user, set the basic web protection status to Block. For details, see Enabling Basic Web Protection.

Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.