Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

SMA 100 series CVE SNWLID-2021-0021 - Unauthenticated SMA100 arbitrary file delete vulnerability

https://www.sonicwall.com/support/product-notification/security-notice-critical-arbitrary-file-delete-vulnerability-in-sonicwall-sma-100-series-appliances/210819124854603/

I am just done updating my customers SMA's and noticed this wasn't posted here.

All went fine from 10.2.0.7-34sv to 10.2.1.1-19sv - Azure SMA 500v's - except one, which I had to spin up a new VM, move vNic's and PIP's, import settings, upgrade again (but to 10.2.0.8-37 instead) and get sonicwall support to free the license to re-associate to the new vm.

I know its the weekend but very disappointing that the mods here haven't put up an announcement here.... at least I cant find one.

For my 500v's in azure, if this is accurate, an attacker could easily factory reset my SMA's and admin login with the defaults and laterally move across a lot of my customers corp nets.

Category: Secure Mobile Access Appliances
Reply

Answers

  • KiranKiran SonicWall Employee

    AS the Kb article says there is no evidence that this vulnerability is being exploited in the wild. Also being on laters version 10.2.07 and 10.2.1.0 or above version you are safe.

Sign In or Register to comment.