Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Crowdstrike announces SRA 9.0.0.5 vulnerability

I guess I've put off upgrading to an SMA long enough...

www[dot]crowdstrike[dot].com/blog/how-ecrime-groups-leverage-sonicwall-vulnerability-cve-2019-7481

Category: Secure Mobile Access Appliances
Reply

Comments

  • SimonSimon Moderator
    edited June 10

    Hi @Craig_S

    Thanks for the comment. This issue, CVE-2019-7481, was already addressed by a SonicWall PSIRT Advisory on 17 DEC 2019, updated on 5 March 2020.

    Please look at https://psirt.global.sonicwall.com/vuln-list and search for the CVE to see the Advisory.

    This vulnerability was found to affect SMA 100 systems running 9.0.0.3 and earlier. The fixed version is 9.0.0.4.

    The currently available firmware, in the 9.0 feature set, is 9.0.0.10 available thru MySonicWall.com

    This vulnerability did not affect the SMA 1000 product line.

  • Craig_SCraig_S Newbie ✭

    I understand the the SMA line firmware has been fixed. This article is about the SRA product line, particularly the SRA 4600 running 9.0.0.5 which I was running up until this article came out. Now I'm anxiously awaiting the arrival of a new SMA to replace it.

  • SimonSimon Moderator

    I understand @Craig_S

    I replied to ensure the comment is not misunderstood by other users.

    As you know the SRA 4600 went End of Support on 1 November 2019.

    A 9.0 settings file from an SRA 4600 should import into an SMA 400/410 running 10.2.

    https://www.sonicwall.com/techdocs/pdf/sma-10-2-upgrade-guide.pdf

    If you are replacing it with an SMA 200/210 you can open a support case for assistance converting that settings file to import into an SMA 200/210 after managing the capability differences. This is a new tool. We do not have a public link to this tool to my knowledge.

    https://www.sonicwall.com/support/knowledge-base/sma100-configuration-migration-tool/210608043257367/

  • Craig_SCraig_S Newbie ✭

    Thanks for the tip! We'll be replacing it with a SMA 410, so the transition should be painless.

  • SimonSimon Moderator
Sign In or Register to comment.