Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Recent vulnerability SNWLID-2020-0010


Can someone please explain more on this.

Are all firmwares below latest affected? The advisory is confusing to read.

I have some Azure NSv's on SonicOS Enhanced

Are these affected?

Is there a patch for Azure NSv or do I have to Re-deploy with Version and upgrade to sonicwall_nsv_azure_6.5.4.4-44v-21-987

Category: Virtual Firewall


  • BWCBWC Cybersecurity Overlord ✭✭✭

    Hi @Otown

    in my understanding everything is affected listed here (including earlier releases):

    • SonicOS and earlier
    • SonicOS and earlier
    • SonicOS and earlier
    • SonicOSv and earlier
    • SonicOS

    And it's fixed with these releases (and later).

    • SonicOS
    • SonicOS
    • SonicOS
    • SonicOS 6.5.4.v-21s-987
    • Gen 7 and onwards

    I'am no NSv user, but I guess you can install, which is available as .SWI file, only if you already running, which is not the case. I wasn't aware of such a limitation and it does not sound like maintaining of NSv that comfortable.


  • OtownOtown Newbie ✭
    edited October 16

    Cheers Michael, yeah its not as well explained as the other CVE's where they give you all the models and firmware versions to and from?


    • SonicOS and earlier
    • SonicOS and earlier

    why mention both, if it is 6.5.4 and earlier, that includes 6.5.1 ? Or why not say 6.5.2 also if you are mentioning all the 6.5.x versions? or 6.2.x?

    Unfortunately yes on the Azure NSv's if deployed pre 6.5.4 they are on 6.5.0. It sounds like using the VM re-deploy option in Azure will re-deploy with all the same azure resources but on 6.5.4 and then you just import the settings but again their guide is vaguely unhelpful :( .

  • MicahMicah Administrator

    Self-Service Sr. Manager at SonicWall. Say "hi" by tagging me at @micah.

  • OtownOtown Newbie ✭

    @Micah Thanks, thats a little clearer I guess.

    My NSv's in Azure are still a concern. I also have some on  6.5.4-757 and they do not find the new firmware when using the "advised" console method.... ughh

  • kthorkthor Newbie ✭


    Anyone seen statements regarding the SRA and SMA systems?


  • BWCBWC Cybersecurity Overlord ✭✭✭


    that's a valid question about SRA/SMA, not sure how far the similarties are internally.

    What I noticed, that the build date of is Aug 22nd, that must be a heck of an internal review until it got released more then one month later.


Sign In or Register to comment.