Author: Melodie Foster
Date: 2nd February 2021
SonicWall confirmed yesterday that its Secure Mobile Access (SMA) 100 series product contains a critical vulnerability. This comes a day after NCC researchers said the critical flaw was being exploited in the wild.
NCC tweeted on Sunday, “we’ve identified and demonstrated exploitability of a possible candidate for the vulnerability described and sent details to SonicWall. We’ve also seen indication of indiscriminate use of an exploit in the wild – check logs.” Then, on Monday, SonicWall confirmed the existence of the vulnerability and said a few thousand devices are affected.
Customers that need to use SMA 100 series products prior to the patch being released are strongly recommended to enable multifactor authentication and to reset user passwords.
SonicWall said that users can alternatively: block access to the SMA 100 device on the firewall, provided that the device is behind a firewall; shut down the SMA 100 series device until a patch becomes available; or load firmware version 9.x after a factory default settings reboot.
A patch is expected by the end of the day and the impacted versions include both physical and virtual SMA 100 version 10.x devices. 
Arcturus Deep Dives
Arcturus cybersecurity consultants explore issues in cyber threat intelligence, incident planning and data security. Read our whitepapers to help make decisions that benefit your business.
Find out more >