Post-Auth OS Command Injection vulnerability Impacting End-Of-Life SRA Appliances and End-Of-Support SMA100 firmware versions

NOTE: SonicWall PSIRT has observed threat actors targeting EOL SRA devices (CVE-2021-20028), and active exploitation of this vulnerability is likely.

SonicWall is aware of a 'Post Authentication OS Command Injection' vulnerability, reported by Compass Security, impacting end-of-life Secure Remote Access (SRA) series products, specifically appliances running all 8.x or and earlier versions, and Secure Mobile Access (SMA) 100 series products running old firmware and earlier versions.

In February 2021, SonicWall released SMA firmware and to fix a zero-day vulnerability, along with additional comprehensive code-strengthening. This strengthening proactively prevented this newly reported vulnerability in versions and later.

- Organizations that previously upgraded to the firmware or later are already protected against this newly reported issue and no action is required.
- Organizations with any 10.x versions are not impacted by this vulnerability, as the vulnerable feature was deprecated in the 10.x release.
- Organizations running any firmware versions of 8.x or older than or should, per our earlier instructions, upgrade immediately. These older versions may be exploited if not patched.

IMPORTANT: SMA 1000 series products are not affected by this vulnerability.
CVE: CVE-2022-22273
Last updated: March 12, 2022, 2:48 a.m.
