SonicWall Secure Mobile Access 1000 Series 12.4.3 and 12.5.0 firmware (see impacted versions) are affected by this vulnerability.
IMPORTANT: These vulnerabilities have been confirmed as being actively exploited in the wild.
This vulnerability is unrelated to any other reported vulnerability on other SonicWall products.
Please review the table below to see the products and their versions that are impacted:
|
Impacted Product(s) |
Impacted Versions |
|
SMA 1000 (6210, 7210, 8200v & CMS – all hypervisors) |
12.4.3-03245, 12.4.3-03387, 12.4.3-03434 12.5.0-02283, 12.5.0-02624, 12.5.0-02800 |
|
Impacted Product(s) |
Impacted Versions |
Fixed Version |
|
SMA 1000 (6210, 7210, 8200v & CMS – all hypervisors) |
12.4.3-03245, 12.4.3-03387, 12.4.3-03434
12.5.0-02283, 12.5.0-02624, 12.5.0-02800 |
12.4.3-03453 and higher versions 12.5.0-02835 and higher versions |
All organizations with deployments of SMA1000 appliances (whether virtual or physical) on affected versions must perform the following:
Note: Configuration backups should only be used if the backup pre-dates the installation of the December hotfix versions (12.4.3-03245 & 12.5.0-02283). When no configuration backup exists prior to installation of the December hotfix, it is recommended to closely audit the configuration to ensure it has not been tampered with.
Note: For guidance on locating these indicators, or for all other questions related to this vulnerability, please open a SonicWall Support case through Contact Support - SonicWall.
Change Log: