Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

CVE-2022-30190 aka follina

Hello Community,

I am surely that you are aware about the just disclosed vulnerabiliy on MS OS that is currently exploited in the wild. Have sonicwall prepared some signature to intercept such bad traffic ed virtuallypatch the problem? I received an advise from Fortinet that they have already in place GAV signatures to protect form this new issue.

Thanks

Category: Firewall Security Services
Reply

Best Answer

Answers

  • cspell8080cspell8080 Newbie ✭

    That's a good question, I was looking into this myself and see nothing on the SonicWall website.

    I do see that Sentinel One has a writeup on it here : https://www.sentinelone.com/blog/staying-ahead-of-cve-2022-30190-follina/

    Hopefully we are protected with the Sentinel One engine!

  • BWCBWC Cybersecurity Overlord ✭✭✭

    @Enzino78 SNWL did not disclosed any information on this AFAIK. Maybe it's included in yesterdays GAV Signature Update.

    But nevertheless, to have any effect you probably need to have DPI-SSL enabled for detection in a encrypted stream.

    I became more and more an advocate for getting things done on the Endpoint, because only there is the whole picture. SentinelOne (according to their blog post) is able to detect and hopefully CaptureClient should do the same. There was no specific agent version mentioned.

    --Michael@BWC

Sign In or Register to comment.