Firewall News

Top Menu

  • Home
  • Our Blog
  • Contact Us

Main Menu

  • Software Updates
  • Alerts & Bugs
  • Out of the Box
  • Home
  • Our Blog
  • Contact Us

Firewall News

Firewall News

  • Software Updates
    • WatchGuard logo

      TDR 6.0.0 is now integrated into WatchGuard Cloud

      04/01/2021
      0
    • Sophos Logo

      XG Firewall 17.5 MR14 Released

      30/07/2020
      0
    • Sophos Logo

      Sophos Firewall Manager SFM 17.1 MR4 Released

      27/07/2020
      0
    • Sophos Logo

      Sophos Enterprise console - Endpoint Security and Control v10.8.9 for Windows has ...

      16/07/2020
      0
    • Sophos Logo

      Sophos iView v3 MR-2 Released

      07/07/2020
      0
    • Sophos Logo

      SD-RED Firmware 3.0.002 Pattern Update

      06/07/2020
      0
    • Sophos Logo

      XG Firewall 17.5 MR13 Released

      06/07/2020
      0
    • Sophos Logo

      End-of-Life (EoL) announcement for old firmware v17 and v17.1 for XG Firewall

      03/07/2020
      0
    • WatchGuard logo

      Fireware 12.5.4 Now Available

      01/07/2020
      0
  • Alerts & Bugs
    • Sophos Logo

      Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

      29/03/2022
      0
    • Sophos Logo

      Sophos: Important Product Lifecycle Updates

      03/03/2022
      0
    • WatchGuard logo

      WatchGuard Support Alert

      23/02/2022
      0
    • Sophos Logo

      Sophos: Important Product Lifecycle Reminder

      03/02/2022
      0
    • Sophos Logo

      Sophos: Product Lifecycle Information: Extended Support for Windows 7 and Windows Server ...

      31/01/2022
      0
    • Sophos Logo

      End-of-Life (EoL) announcement for Sophos SSL VPN Client

      29/11/2021
      0
    • WatchGuard logo

      WatchGuard: macOS Monterey 12.0.1 Does Not Support the AuthPoint Logon App

      09/11/2021
      0
    • Sophos Logo

      Sophos UTM Manager (SUM) End of Distribution

      04/11/2021
      0
    • WatchGuard logo

      WatchGuard: End of Sale Notice: AP420

      01/11/2021
      0
  • Out of the Box
    • WatchGuard’s Firebox T80 Earns 5-Star Rating in SC Labs Review

      17/11/2020
      0
    • WatchGuard Wins Big in CRN 2020 Tech Innovator Awards

      16/11/2020
      0
    • Coronavirus scams: what to look for and how to stop them

      02/04/2020
      0
    • Dell SonicWALL TZ 300

      Out the Box - Dell SonicWALL TZ 300

      05/07/2016
      0
    • Dell SonicWALL TZ SOHO

      Out the Box - Dell SonicWALL TZ SOHO

      05/07/2016
      0
    • WatchGuard Firebox T50

      WatchGuard Firebox T50

      31/03/2016
      0
    • WatchGuard Firebox M200

      WatchGuard Firebox M200

      31/03/2016
      0
Alerts & BugsSonicWALL
Home›Alerts & Bugs›Security Advisory: SonicOS Vulnerability In Firewall Web Management Interface

Security Advisory: SonicOS Vulnerability In Firewall Web Management Interface

By admin
15/06/2021
944
0
Share:
SonicWall Logo

DESCRIPTION:

SonicWall physical and virtual firewalls running certain versions of SonicOS may contain a vulnerability that could be leveraged for an unauthenticated Denial-of-Service (DoS) attack by sending a specially crafted POST request to the web interface.  

At this time, there is no indication that the discovered vulnerability is being exploited in the wild.

SonicWall STRONGLY advises customers to apply the respective SonicOS patch immediately. See below for specific SonicOS versions.

IMPACT

The vulnerability requires Web Management to be enabled on the WAN/LAN interface and requires the precondition of an ongoing active management session. For example, an administrator is logged into the web interface or Global Management System (GMS) / Network Security Manager (NSM) are configured to manage the firewall over HTTPS on the WAN interface.

Other GMS/NSM management modes, enumerated below, are not impacted while WAN management is disabled on the firewall.

The SSL-VPN portal on the firewall, Virtual Office, is NOT affected.

ImplementationImpact
GMS IPSec tunnel modeNot Impacted
GMS Existing VPN tunnel modeNot Impacted
GMS Zero TouchNot Impacted
NSM Zero TouchNot Impacted
GMS Management (Zero Touch Mode)Not Impacted
NSM Management (Zero Touch Mode)Not Impacted

RESOLUTION

Updating SonicOS Firmware (Recommended)

After reviewing this security advisory, please go to MySonicWall and download the appropriate SonicOS patch release from the table below. The following article provides information on “How to Update SonicOS Firmware.”

TEMPORARY MITIGATION: RESTRICT ACCESS TO SONICWALL MANAGEMENT

Until the below patches can be applied, SonicWall strongly recommends that administrators limit SonicOS management access to trusted sources (and/or disable management access from untrusted internet sources) by modifying the existing SonicOS Management access rules (SSH/HTTPS/HTTP Management). This will only allow management access from trusted source IP addresses.

Please refer to the following knowledgebase articles:

  • Suggested tips when allowing access to SonicWall web management 
  • How to restrict Admin access to the device

In addition, it is a recommended practice to update the default management port to a custom port to prevent attacks on well-known ports.

SONICOS PATCH RELEASES

In the table below, find the existing SonicOS version that a firewall is currently running (SonicOS Running Version). Select the SonicOS patch release from the same row, download that version from MySonicWall, and update the SonicOS firmware using the steps linked above.

PlatformsSonicOS Running Version SonicOS Patch Release (Update to version or later) 
TZ, NSa (GEN7)7.0.1-R1262 and older7.0.1-R1456
NSv (Virtual GEN7)7.0.1-R1219 and older 7.0.1-R1282/1283
NSsp (GEN7)7.0.1-R514 and older7.0.1-R579
NSa, TZ, SOHO W, SuperMassive 92xx/94xx/96xx (GEN6+)6.5.4.7 and older6.5.4.8-89n
NSv (Virtual: VMWare/Hyper-V/AWS/Azure/KVM)All versions (virtual)6.5.4.v_21s-1288
NSsp 12K, SuperMassive 98006.5.1.12-1n and older6.5.1.12-3n
SuperMassive 10K6.0.5.3-94o and olderTBD/Pending
NSA, TZ, SOHO (GEN5)5.9.1.13 and olderTBD/Pending

SonicWall has provided patches for recent major and minor releases, as shown in the table above. For devices with hotfixes or language-specific releases, please follow the instructions above to restrict SonicWall management access (HTTPS/HTTP/SSH) to trusted sources and/or disable management access from untrusted internet sources. Once complete, coordinate with SonicWall support to select the appropriate patch with the hotfix.

Previous Article

Sophos: Important Product Lifecycle Update

Next Article

Sophos – Reminder: End of Life for ...

0
Shares
  • 0
  • +
  • 0
  • 0
  • 0
  • 0

Related articles More from author

  • Sophos Logo
    Alerts & BugsSophos

    Sophos – Advisory: SafeGuard File Encryption Engine – build 29 withdrawn

    30/10/2019
    By admin
  • Alerts & BugsTrendMicro

    TMRM Scheduled Maintenance on January 26, 2021 for RM Pro (WFXDR) New Feature Release

    25/01/2021
    By admin
  • Sophos Logo
    Alerts & BugsSophos

    Sophos Endpoint Security and Control 10.8.9 fails to install/upgrade on unpatched Windows 7/2008 R2 operating systems

    02/07/2020
    By admin
  • Sophos Logo
    Alerts & BugsSophos

    Advisory: Sophos Central Firewall Manager Scheduled Maintenance January 9th, 2020

    09/01/2020
    By admin
  • SonicWall Logo
    Alerts & BugsSonicWALL

    New Firmware and Software Releases

    08/02/2021
    By admin
  • SonicWall Logo
    Alerts & BugsSonicWALL

    SonicWALL Product News

    25/02/2020
    By admin

  • Sophos Logo
    Software UpdatesSophos

    Sophos – RED Firmware 2.0.016 Pattern Update

  • SonicWall split from Dell
    News

    SonicWall thrives after Dell split

  • WatchGuard Tech Innovator Award
    News

    WatchGuard AuthPoint Wins CRN Tech Innovator Award for Network Security

Timeline

  • 29/03/2022

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

  • 03/03/2022

    Sophos: Important Product Lifecycle Updates

  • 01/03/2022

    Shoring up your cybersecurity posture in light of ongoing crisis

  • 23/02/2022

    WatchGuard Support Alert

  • 03/02/2022

    Sophos: Important Product Lifecycle Reminder

Sponsored Links

Latest Comments

  • Paul Sillars
    on
    21/06/2016
    I received this in an email this morning, it was the first I heard about it ...

    Dell Software Group sold to help fund looming EMC deal

  • Paul Sillars
    on
    20/06/2016
    This is going to be an interesting one to watch. Especially after today's announcement that ...

    Ingram Micro gets distribution access to Dell’s security range in Australia

Find us on Facebook

Firewall.News Logo

This site serves more as a reference point for some of the major security vendor's updates and product/press releases

It will never be a definitive list, but it helps our customers keep up to date and also allows us to express our comment and observations as well.

About us

  • PO Box 451, North Lakes, Queensland, 4509, Australia
  • [email protected]
  • Recent

  • Popular

  • Comments

  • Sophos Logo

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

    By admin
    29/03/2022
  • Sophos Logo

    Sophos: Important Product Lifecycle Updates

    By admin
    03/03/2022
  • Shoring up your cybersecurity posture in light of ongoing crisis

    By admin
    01/03/2022
  • WatchGuard logo

    WatchGuard Support Alert

    By admin
    23/02/2022
  • Dell SonicWALL Supermassive

    Ingram Micro gets distribution access to Dell’s security range in Australia

    By admin
    14/06/2016
  • Francisco Partners and Elliott Management to Acquire the Dell Software Group

    Dell Software Group sold to help fund looming EMC deal

    By admin
    21/06/2016
  • WatchGuard Firebox M500 – The Cure for HTTPS Performance Headaches

    By admin
    05/03/2015
  • Sophos Logo

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

    By admin
    29/03/2022
  • Paul Sillars
    on
    21/06/2016

    Dell Software Group sold to help fund looming EMC deal

    I received this in ...
  • Paul Sillars
    on
    20/06/2016

    Ingram Micro gets distribution access to Dell’s security range in Australia

    This is going to ...

Follow Me

  • Contact
  • About Us
  • Home