SonicWall is warning customers to apply firmware updates to its SMA 100 Series appliances for remote access from mobile devices, in order to patch vulnerabilities of critical and medium severity.
SonicWall says in an advisory that it “strongly urges” customers to apply new fixes to address eight flaws that the US Cybersecurity and Infrastructure Agency (CISA) warns would allow a remote attacker to take control of an affected system. CISA recommends customers apply the necessary firmware updates “as soon as possible”, in part because they’ve historically been popular targets for attackers.
The eight bugs range from critical to medium severity and affect a sensitive piece of the network since they provide employees with remote access to internal resources.
SEE: A winning strategy for cybersecurity (ZDNet special report)
The eight bugs were discovered by researchers at Rapid7 and NCC Group. The most dangerous of them has a severity rate of 9.8 out of a possible 10.
SonicWall’s Secure Mobile Access (SMA) SMA 100 Series appliances for small and medium businesses enable secure remote access from mobile devices anywhere via its NetExtender and Mobile Connect VPNs.
Affected SMA 100 series appliances include SMA 200, 210, 400, 410 and