SMA 100 series CVE SNWLID-2021-0021 - Unauthenticated SMA100 arbitrary file delete vulnerability
I am just done updating my customers SMA's and noticed this wasn't posted here.
All went fine from 10.2.0.7-34sv to 10.2.1.1-19sv - Azure SMA 500v's - except one, which I had to spin up a new VM, move vNic's and PIP's, import settings, upgrade again (but to 10.2.0.8-37 instead) and get sonicwall support to free the license to re-associate to the new vm.
I know its the weekend but very disappointing that the mods here haven't put up an announcement here.... at least I cant find one.
For my 500v's in azure, if this is accurate, an attacker could easily factory reset my SMA's and admin login with the defaults and laterally move across a lot of my customers corp nets.