SonicWall releases patches for new flaws affecting SMA 1000 SSL VPN devices

SonicWall has issued a warning about a trio of security flaws in its Secure Mobile Access (SMA) 1000 devices, including a high-severity access control bypass vulnerability.

The weaknesses in question affect the SMA 6200, 6210, 7200, 7210, and 8000v running firmware versions 12.4.0 and 12.4.1. The vulnerabilities are listed below:

  • CVE-2022-22282 (CVSS score: 8.2) – Unauthenticated access control bypass
  • CVE-2022-1702 (CVSS score: 6.1) – URL redirection to an untrusted site (open redirect)
  • CVE-2022-1701 (CVSS score: 5.7) – Use of a shared and hard-coded cryptographic key

Successful exploitation of these flaws could allow an attacker to gain unauthorized access to internal resources and even redirect potential victims to malicious websites.

Tom Wyatt of the Mimecast Offensive Security Team was credited with discovering and reporting the vulnerabilities.

SonicWall noted that the flaws do not affect the SMA 1000 series running versions earlier than 12.4.0, the SMA 100 series, Central Management Servers (CMS), or remote access clients.

Although there is no evidence that these vulnerabilities are being exploited in the wild, users are advised to apply the fixes, given that SonicWall devices have in the past been attractive targets for ransomware attacks.

“There are no temporary mitigations,” the network security company said. “SonicWall urges affected customers to implement the applicable patches as soon as possible.”