DESCRIPTION:
Multiple vulnerabilities exist in SonicWall SMA 100 series appliances could allow for arbitrary code execution and lead to the remote authenticated attacker taking over the control of the appliance remotely.
1. CVE-2021-20038 - Unauthenticated Stack-Based Buffer Overflow
2. CVE-2021-20039 - Authenticated Command Injection as Root
3. CVE-2021-20040 - Unauthenticated File Upload Path Traversal
4. CVE-2021-20041 - Unauthenticated CPU Exhaustion
5. CVE-2021-20042 - Unauthenticated Confused Deputy
6. CVE-2021-20043 - Heap-Based Buffer Overflow
7. CVE-2021-20044 - Post-Authentication Remote Command Execution
8. CVE-2021-20045 - Multiple Unauthenticated Heap-Based and Stack Based Buffer Overflow
AFFECTED RELEASES:
SonicWall SMA 100 series appliances, which include SMA 200, 210, 400, 410 and 500v (ESX, Hyper-V, KVM, AWS, Azure), are vulnerable with the firmware version listed below.
9.0.0.11-31sv (and earlier)
10.2.0.8-37sv (and earlier)
10.2.1.0-17sv (and earlier)
10.2.1.1-19sv (and earlier)
10.2.1.2-24sv (and earlier)
SOLUTION:
Users and system administrators of affected products are advised to apply the security updates immediately from the following URL:
1. https://www.sonicwall.com/support/product-notification/product-security-notice-sma-100-series-vulnerability-patches-q4-2021/211201154715443/
2. https://www.sonicwall.com/support/knowledge-base/how-to-upgrade-firmware-on-sma-100-series-appliances/170502339501169/
REFERENCE:
1. https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026
2. https://www.sonicwall.com/support/knowledge-base/how-to-upgrade-firmware-on-sma-100-series-appliances/170502339501169/
3. https://www.sonicwall.com/support/product-notification/product-security-notice-sma-100-series-vulnerability-patches-q4-2021/211201154715443/