SonicWall issued a security notice urging customers to immediately patch several high-risk vulnerabilities affecting its Secure Mobile Access (SMA) 1000 Series line of products.
These flaws can allow attackers to bypass authorization and, potentially, compromise unpatched appliances. The flaw tracked as CVE-2022-22282 is an unauthenticated access control bypass affecting SMA 1000 series firmware 12.4.0, 12.4.1-02965, and earlier versions; it was rated high severity.
“SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions incorrectly restrict access to a resource using HTTP connections from an unauthorized actor leading to Improper Access Control vulnerability”, reads the description of this issue.
SonicWall also addressed the issue tracked as CVE-2022-1701, a hard-coded cryptographic key, which is rated medium severity.
The third issue, tracked as CVE-2022-1702, is an open redirection vulnerability, also rated medium severity.
Of the three vulnerabilities, CVE-2022-22282 is the most severe, as it allows unauthenticated attackers to bypass access control and reach internal resources.
The company pointed out that there are no temporary mitigations. “SonicWall urges impacted customers to implement applicable patches as soon as possible,” says the report.
Impacted Platforms: SMA 1000 Series
- SMA 6200, 6210, 7200, 7210, 8000v (ESX, KVM, Hyper-V, AWS, Azure)
No Impact
According to the report, the following products are not impacted.
- SMA 1000 series running versions earlier than 12.4.0
- SMA 100 series
- CMS
- Remote access clients
SonicWall strongly urges that organizations using the SMA 1000 series products upgrade to the latest patch.
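A practical follow-up to a notice like this is to check an appliance inventory against the affected range it states (12.4.0 through 12.4.1-02965 on the listed SMA 1000 models; earlier builds, SMA 100 series and CMS out of scope). The script below is an added example written for this page, not SonicWall's tooling; the inventory rows, hostnames and the build number 03000 are constructed, and the version-string grammar (`major.minor.patch[-build]`) is assumed from the versions quoted above.

```python
import re
from typing import List, NamedTuple

# SMA 1000 series platforms the advisory lists as impacted.
IMPACTED_MODELS = {"SMA 6200", "SMA 6210", "SMA 7200", "SMA 7210", "SMA 8000v"}

class FirmwareVersion(NamedTuple):
    major: int
    minor: int
    patch: int
    build: int  # numeric suffix after '-', 0 when absent

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-(\d+))?$")

def parse_version(text: str) -> FirmwareVersion:
    """Parse an SMA 1000 style version such as '12.4.1-02965' or '12.4.0'."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    major, minor, patch, build = m.groups()
    return FirmwareVersion(int(major), int(minor), int(patch), int(build or 0))

# Affected range from the advisory: 12.4.0 through 12.4.1-02965 inclusive;
# builds earlier than 12.4.0 are explicitly not impacted.
AFFECTED_LOW = parse_version("12.4.0")
AFFECTED_HIGH = parse_version("12.4.1-02965")

def is_affected(model: str, version: str) -> bool:
    """True when the appliance model and firmware fall inside the affected range."""
    if model not in IMPACTED_MODELS:
        return False  # e.g. SMA 100 series or CMS: not in scope of this notice
    return AFFECTED_LOW <= parse_version(version) <= AFFECTED_HIGH

def triage(inventory: List[dict]) -> List[str]:
    """Return hostnames of appliances that need the patch applied."""
    return [a["host"] for a in inventory if is_affected(a["model"], a["version"])]

# Constructed sample inventory; hostnames and the 03000 build are made up, and the
# advisory does not name the fixed build, so that row is only 'outside the range'.
INVENTORY = [
    {"host": "sma-edge-01", "model": "SMA 7210", "version": "12.4.1-02965"},
    {"host": "sma-edge-02", "model": "SMA 6210", "version": "12.4.0"},
    {"host": "sma-lab-01", "model": "SMA 8000v", "version": "12.3.0-01234"},
    {"host": "sma-vpn-03", "model": "SMA 7200", "version": "12.4.1-03000"},
    {"host": "sma-branch-1", "model": "SMA 210", "version": "12.4.0"},
]

if __name__ == "__main__":
    for host in triage(INVENTORY):
        print(f"{host}: inside affected range, patch required")
```

A version above 12.4.1-02965 is reported only as outside the stated range, since the notice summarised here does not name the fixed build.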