11:00am, 15 July 2021
TLP Rating:
SonicWall EOL Devices Targeted by Ransomware
SonicWall has issued an urgent security notice, warning customers of ransomware attacks targeting end-of-life Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products. Products using 8.x firmware are being targeted.
What's happening
Systems affected
The following range of SonicWall devices for Secure Remote Access (SRA), SSL VPN and Secure Mobile Access (SMA) are affected by this vulnerability:
- SRA 4600/1600
- SRA 4200/1200
- SSL-VPN 200/2000/400
- SMA 400/200
- SMA 210/410/500v using 8.x firmware
What to look for
How to tell if you're at risk
You are at risk of this vulnerability if you are using any devices with 8.x firmware from SonicWall.
Firmware versions 9.x before 9.0.0.10-28sv and 10.x before 10.2.0.7-34sv are also at risk of attack.
What to do
Prevention
SonicWall recommends that any organisation still using end-of-life SSL-VPN (200/2000/400) and/or SRA devices (4600/1600; 4200/1200) disconnect these devices immediately.
Devices still under support, but using 8.x firmware, should immediately upgrade to the latest versions from SonicWall.
- Users of 9.x should immediately update to 0.0.10-28sv or later
- Users of 10.x should immediately update to 10.2.0.7-34sv or later
Users of any of these devices should urgently reset all associated passwords and enable MFA.
More information
SonicWall's security notice External Link
If you require more information or further support, submit a report on our website or contact us on 0800 CERTNZ.
For media enquiries, email our media desk at certmedia@cert.govt.nz or call on 021 854 384
How helpful was this page?
This site is protected by reCAPTCHA and the Google Privacy Policy External Link and Terms of Service External Link apply.