Overview
SonicWall, a popular manufacturer of network security products for organisations, has been made aware of threat actors actively targeting a number of its products running unpatched and end-of-life (EOL) firmware. The identified exploitation targets a known vulnerability that has been patched in newer versions of firmware.
SonicWall has urged users to update to the latest available SRA and SMA firmware. Users are at imminent risk of a targeted ransomware attack if they fail to update affected products.
Recommended Action
Organisations still using unpatched and EOL 8.x firmware need to review the information available on the SonicWall website and take immediate action - https://www.sonicwall.com/support/product-notification/urgent-security-notice-critical-risk-to-unpatched-end-of-life-sra-sma-8-x-remote-accessdevices/210713105333210/
Anyone using SRA 4600/1600 (EOL 2019), SRA 4200/1200 (EOL 2016) or SSL-VPN 200/2000/400 (EOL 2013/2014) should disconnect their appliances immediately and change all associated passwords.
End-of-life (EOL) hardware, software and firmware rarely, if ever, receive important security updates. If your organisation’s equipment no longer receives updates, consider upgrading or finding alternative solutions.
Implement processes (if not already in place) to ensure your organisation’s technical equipment and software are regularly reviewed and monitored for security updates, vulnerability mitigations and EOL warnings.
If your organisation uses a technology service provider, get assurances that they maintain high standards for security vulnerability monitoring and patching their products and services.
If you have any concerns, or have been affected by a cyber-related issue, report it to us by submitting a Cyber Concerns Online Reporting Form.