SonicWall Confirms SMA 100 Series 10. X Zero-Day Vulnerability

SonicWall has confirmed a zero-day vulnerability on SMA 100 series 10.x code. SMA 100 firmware prior to 10.x is unaffected by this zero-day vulnerability.  

On Sunday, January 31, 2021, the NCC Group informed the SonicWall Product Security Incident Response Team (PSIRT) about a potential zero-day vulnerability in the SMA 100 series. The engineering team confirmed their submission as a critical zero-day in the SMA 100 series 10.x code, and are tracking it as SNWLID-2021-0001.

SonicWall has identified the vulnerable code and is working on a patch to be available by end of day on February 2, 2021. This vulnerability affects both physical and virtual SMA 100 10.x devices (SMA 200, SMA 210, SMA 400, SMA 410, SMA 500v).

SonicWall firewalls and SMA 1000 series appliances, as well as all respective VPN clients, are unaffected and remain safe to use.

This vulnerability affects both physical and virtual SMA 100 10.x devices (SMA 200, SMA 210, SMA 400, SMA 410, SMA 500v).

Further information at – https://www.sonicwall.com/support/product-notification/urgent-security-notice-sonicwall-confirms-sma-100-series-10-x-zero-day-vulnerability-feb-1-2-p-m-cst/210122173415410/

Duncan Newell

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: