Service Notices
SonicWall SMA 0-Day Vulnerability
Feb 07, 2021 GMT+08:00
I. Overview
A security team has recently disclosed a severe zero-day vulnerability in SonicWall Secure Mobile Access (SMA). An unauthenticated attacker can exploit a critical SQL injection flaw in SonicWall SMA to obtain login credentials (usernames and passwords) and session information, which could then be used to log in to the vulnerable SMA appliance.
SonicWall SMA is a VPN product developed by SonicWall. If you use SMA, check the version you are running and apply security hardening promptly.
For more information about this vulnerability, visit the following website:
II. Severity
Severity: important
(Severity levels: low, moderate, important, and critical)
III. Affected Products
Affected versions:
SMA physical appliances running versions earlier than 10.2.0.5-d-29sv
Secure versions:
SMA physical appliances running version 10.2.0.5-d-29sv
IV. Vulnerability Handling
This vulnerability has been fixed in the latest official version. If your service version falls into the affected range, upgrade it to the secure version.
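To decide quickly which appliances in an inventory still need the upgrade, the following added helper (not part of this notice or of any SonicWall tooling) parses SonicWall-style version strings such as 10.2.0.5-d-29sv and compares them against the secure version above. It assumes that the dotted fields compare left to right, that the trailing "NNsv" counter compares last, and that a letter tag such as "d" does not affect ordering; the inventory it triages is constructed sample data.

```python
import re
from typing import Dict, List, Tuple

# Secure version named in the notice; older versions on the physical SMA line are affected.
SECURE_VERSION = "10.2.0.5-d-29sv"

# Matches '10.2.0.5-d-29sv', '10.2.0.2-20sv', '9.0.0.10-28sv' and similar forms.
_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)(?:-([A-Za-z]+))?-(\d+)sv$")


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn a version string into a tuple that sorts in release order.

    Assumption (not stated in the notice): dotted fields compare first, the
    'NNsv' build counter compares last, and a letter tag like 'd' is ignored.
    """
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised SMA version string: {version!r}")
    dotted, _tag, build = m.groups()
    parts = [int(p) for p in dotted.split(".")]
    parts += [0] * (4 - len(parts))  # pad short forms such as '10.2' to four fields
    return tuple(parts) + (int(build),)


def is_affected(version: str, secure: str = SECURE_VERSION) -> bool:
    """True when `version` is older than the secure version from the notice."""
    return parse_version(version) < parse_version(secure)


def triage(inventory: Dict[str, str], secure: str = SECURE_VERSION) -> List[str]:
    """Return the names of appliances that must be upgraded, in inventory order.

    Unparseable version strings are reported too, since they cannot be
    confirmed safe and deserve a manual check.
    """
    needs_upgrade = []
    for name, version in inventory.items():
        try:
            if is_affected(version, secure):
                needs_upgrade.append(name)
        except ValueError:
            needs_upgrade.append(name)
    return needs_upgrade


# Constructed sample inventory (hostnames and versions are made up for illustration).
SAMPLE_INVENTORY = {
    "sma-branch-01": "10.2.0.2-20sv",    # older: affected
    "sma-hq-01": "10.2.0.5-d-29sv",      # secure version from the notice
    "sma-lab-01": "9.0.0.10-28sv",       # older major line: affected
    "sma-dc-02": "unknown",              # cannot be verified: flag it
}
```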
Temporary workarounds:
1. Enable multi-factor authentication (MFA).
2. Enable the built-in Web Application Firewall (WAF).
3. Reset the passwords of all users who may have logged in through the web UI.
HUAWEI CLOUD WAF can defend against this vulnerability. If you are a WAF user, set the basic web protection status to Block. For details, see Enabling Basic Web Protection.
Note: Before fixing vulnerabilities, back up your files and test the change thoroughly.