SonicWall warns of critical flaws in SMA 100 series appliances, enabling remote code execution, authentication bypass, and system compromise.
SonicWall advises users to update their SMA 200, 210, 400, 410, and 500v appliances running firmware 10.2.1.13-72sv or earlier. SMA1000 series devices are not affected.
Vulnerability List :
- CVE-2024-38475: Path Traversal
This vulnerability leverages Apache HTTP Server’smod_rewrite
module to map URLs to restricted filesystem locations. Attackers can use this flaw to access sensitive files, potentially compromising system security and data integrity. - CVE-2024-40763: Heap-Based Buffer Overflow
A flaw in SMA100 devices’ memory management leads to a heap-based buffer overflow. By exploiting this, attackers can execute malicious code remotely or cause a system crash, disrupting services. - CVE-2024-45318: Stack-Based Buffer Overflow
Found in the SMA100 web management interface, this vulnerability allows attackers to trigger a stack-based buffer overflow. If exploited, it can result in arbitrary code execution, granting full control over the device. - CVE-2024-45319: Certificate Authentication Bypass
This flaw permits attackers to bypass the certificate requirement during authentication, providing unauthorized access to sensitive systems and potentially exposing critical resources. - CVE-2024-53702: Insecure Randomness
The SMA100 devices’ backup mechanism uses a weak pseudo-random number generator (PRNG). Attackers can predict its output, potentially leading to the exposure of sensitive information like encryption keys or backup data. - CVE-2024-53703: Stack-Based Buffer Overflow in Apache
This vulnerability exists in themod_httprp
library used by SMA100 devices running Apache. Exploiting this stack overflow allows attackers to execute arbitrary code remotely, posing a significant threat to the system.
Affected Products :
- Impacted Models: SonicWall SMA 100 series (SMA 200, 210, 400, 410, 500v).
- Vulnerable Firmware: Version 10.2.1.13-72sv and earlier.
Details:
Product Series | Models | Affected Versions |
---|---|---|
SMA 100 | SMA 200, SMA 210 | 10.2.1.13-72sv and earlier |
SMA 100 | SMA 400, SMA 410 | 10.2.1.13-72sv and earlier |
SMA 100 | SMA 500v | 10.2.1.13-72sv and earlier |
SMA 1000 | All models | Not affected |
- Action Required: SonicWall recommends updating to the latest firmware immediately.
- Exploitation Status: No active exploitation reported yet, but due to the severity, prompt action is critical.
Follow Us on: Twitter, Instagram, Facebook to get the latest security news!
Leave A Comment