- SonicWall updated a security advisory for a Secure Mobile Access flaw
- CISA added the flaw to its KEV catalog
- FCEB agencies have three weeks to apply the patch
The United States Cybersecurity and Infrastructure Security Agency (CISA) has added an old SonicWall vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, confirming that it is being exploited in the wild.
As a result, Federal Civilian Executive Branch (FCEB) agencies have three weeks to install the patch or stop using the product altogether.
In late 2021, SonicWall published a security advisory warning users about an improper-neutralization vulnerability affecting several of its Secure Mobile Access (SMA) appliances. At the time, the company said the flaw could be used to take down vulnerable endpoints in a denial-of-service (DoS) attack. It has now updated the advisory to warn of in-the-wild exploitation and raised the severity score from medium to high (CVSS 7.2), since the same flaw can be used for command injection rather than just DoS.
Exploited in the wild
“Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as the ‘nobody’ user, which could potentially lead to code execution,” SonicWall said.
The defect affects SMA 200, SMA 210, SMA 400, SMA 410 and SMA 500V (ESX, KVM, AWS, AZURE).
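The flaw described above is an OS command injection (improper neutralization of special elements, CWE-78): input from an authenticated admin-interface request reaches a shell without the shell metacharacters being neutralized. The block below is an added illustration written for this page, not SonicWall's code, and it does not reproduce the actual SMA100 bug. It uses a hypothetical diagnostic handler that takes a hostname parameter; `echo` stands in for a real network tool such as `ping` so the example runs offline, and the input strings and function names are constructed for the example. It shows the vulnerable pattern (string concatenation into `shell=True`), the payload that turns one command into two, and the hardened form (strict allow-list validation plus an argv list with no shell).

```python
import re
import subprocess

# Constructed sample inputs for the example (not from any real request).
CLEAN_HOST = "gateway.example.internal"
INJECTED_HOST = "127.0.0.1; echo INJECTED"  # ';' ends the intended command, starts a second one


def build_vulnerable_command(host: str) -> str:
    """Vulnerable pattern: untrusted input is concatenated into a shell command string.
    Nothing neutralizes ';', '|', '$()', backticks, etc. ('echo' stands in for 'ping')."""
    return f"echo ping {host}"


def run_vulnerable(host: str) -> subprocess.CompletedProcess:
    """shell=True hands the whole string to /bin/sh, so the injected part executes.
    If the web process runs as 'nobody', the attacker gets a shell as 'nobody'."""
    return subprocess.run(
        build_vulnerable_command(host), shell=True, capture_output=True, text=True
    )


# Allow-list: RFC 1123 style hostname labels only. No whitespace, no shell
# metacharacters, and no leading '-' (so the value cannot become an option).
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$"
)


def is_valid_hostname(host: str) -> bool:
    """True only for strings that are plausible hostnames / IPv4 literals."""
    return HOSTNAME_RE.fullmatch(host) is not None


def build_hardened_argv(host: str) -> list[str]:
    """Hardened pattern: validate against an allow-list, then pass an argv list.
    With no shell in the path, metacharacters in 'host' would be inert anyway;
    the allow-list is defence in depth and blocks argument injection too."""
    if not is_valid_hostname(host):
        raise ValueError(f"rejected hostname: {host!r}")
    return ["echo", "ping", host]  # 'echo' stands in for the real tool


def run_hardened(host: str) -> subprocess.CompletedProcess:
    """Runs the validated argv directly (shell=False is the default)."""
    return subprocess.run(build_hardened_argv(host), capture_output=True, text=True)


if __name__ == "__main__":
    # Vulnerable: the second command runs and prints INJECTED on its own line.
    print(run_vulnerable(INJECTED_HOST).stdout, end="")
    # Hardened: the clean host works, the payload is rejected before any process starts.
    print(run_hardened(CLEAN_HOST).stdout, end="")
    try:
        run_hardened(INJECTED_HOST)
    except ValueError as exc:
        print("blocked:", exc)
```

The check a practitioner wants here is the negative one: feed the handler a value containing `;`, `|`, `$(...)` or a newline and confirm the process is never spawned. Note also that the "runs as `nobody`" detail in the advisory limits, but does not remove, the impact: code execution as an unprivileged user on an edge appliance is still a foothold from which local privilege escalation or credential theft can follow.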
At the same time, CISA added the flaw to the KEV catalog, warning of in-the-wild exploitation. While its Binding Operational Directive 22-01 (which requires the patch to be installed within the deadline) only applies to federal agencies, private-sector organizations should take note whenever KEV gets a new entry.
“These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise,” CISA said.
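One concrete way for a private-sector team to "take note" of new KEV entries is to poll the catalog for the vendors it runs and track the remediation deadline. The block below is an added example written for this page, not a CISA or SonicWall tool. It parses the KEV JSON feed format (the `vulnerabilities` array with `cveID`, `vendorProject`, `product`, `dateAdded`, `dueDate` and `knownRansomwareCampaignUse` fields) from a constructed sample embedded inline; the CVE IDs, dates and product strings in the sample are placeholders, not the entry discussed in this article. The `fetch_kev` helper shows where a real fetch of the public feed would go but is not called by default, so the example runs offline.

```python
import json
import urllib.request
from datetime import date

# Public feed location (assumption: current CISA KEV JSON URL; check before relying on it).
KEV_URL = "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"

# Constructed sample in the KEV JSON shape. CVE IDs, dates and descriptions are
# placeholders for the example, not real catalog entries.
SAMPLE_KEV = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "catalogVersion": "2025.01.10",
    "dateReleased": "2025-01-10T12:00:00.0000Z",
    "count": 2,
    "vulnerabilities": [
        {
            "cveID": "CVE-0000-00001",
            "vendorProject": "SonicWall",
            "product": "SMA100 Appliances",
            "vulnerabilityName": "SonicWall SMA100 Appliances OS Command Injection Vulnerability",
            "dateAdded": "2025-01-10",
            "shortDescription": "Placeholder description for the example.",
            "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
            "dueDate": "2025-01-31",
            "knownRansomwareCampaignUse": "Unknown",
            "notes": ""
        },
        {
            "cveID": "CVE-0000-00002",
            "vendorProject": "ExampleVendor",
            "product": "ExampleProduct",
            "vulnerabilityName": "Placeholder Vulnerability",
            "dateAdded": "2024-12-01",
            "shortDescription": "Placeholder description for the example.",
            "requiredAction": "Apply mitigations per vendor instructions.",
            "dueDate": "2024-12-22",
            "knownRansomwareCampaignUse": "Known",
            "notes": ""
        }
    ]
})


def fetch_kev(url: str = KEV_URL, timeout: float = 10.0) -> str:
    """Downloads the live feed. Not used by the offline example below."""
    with urllib.request.urlopen(url, timeout=timeout) as resp:  # nosec: fixed https URL
        return resp.read().decode("utf-8")


def parse_kev(text: str) -> list[dict]:
    """Returns the list of vulnerability entries from a KEV JSON document."""
    return json.loads(text)["vulnerabilities"]


def entries_for_vendor(entries: list[dict], vendor: str) -> list[dict]:
    """Case-insensitive filter on the vendorProject field."""
    return [e for e in entries if e["vendorProject"].lower() == vendor.lower()]


def remediation_days(entry: dict) -> int:
    """Length of the BOD 22-01 remediation window for this entry, in days."""
    return (date.fromisoformat(entry["dueDate"]) - date.fromisoformat(entry["dateAdded"])).days


def is_overdue(entry: dict, today: date) -> bool:
    """True once the due date has passed (relevant to FCEB agencies, a useful yardstick for everyone)."""
    return today > date.fromisoformat(entry["dueDate"])


def summarize(entries: list[dict], vendor: str, today: date) -> list[dict]:
    """Compact report rows for one vendor: id, product, window, overdue flag, ransomware use."""
    return [
        {
            "cveID": e["cveID"],
            "product": e["product"],
            "window_days": remediation_days(e),
            "overdue": is_overdue(e, today),
            "ransomware": e["knownRansomwareCampaignUse"],
        }
        for e in entries_for_vendor(entries, vendor)
    ]


if __name__ == "__main__":
    for row in summarize(parse_kev(SAMPLE_KEV), "SonicWall", date.today()):
        print(row)
```

Running this against the live feed on a schedule (replace `SAMPLE_KEV` with `fetch_kev()`) and diffing the vendor list against the previous run turns the "take note" advice into an alert. The `knownRansomwareCampaignUse` field is worth surfacing: as the 2021 SMA100 incident below shows, edge-appliance flaws are routinely followed by ransomware deployment.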
In 2021, SonicWall suffered one of the biggest attacks in its history, when a threat actor tracked as UNC2447 abused a SQL injection vulnerability in SMA100 appliances to gain unauthorized access to customer networks. After the breach, the attackers deployed the SombRAT backdoor and a ransomware variant called FiveHands.
Via BleepingComputer