SonicWall

Security Advisory: SonicWall Not Affected by Critical Remote Code Execution Vulnerability (CVE-2019-1579)

First Published:08/05/2019 Last Updated:03/26/2020

What we know about the Critical Remote Code Execution Vulnerability (CVE-2019-1579)

Researchers have found several security flaws in popular corporate VPNs, which they say can be used to silently break into company networks and steal business secrets.

According to https://techcrunch.com/2019/07/23/corporate-vpn-flaws-risk/

“Devcore researchers Orange Tsai and Meh Chang said the flaws found in the three corporate VPN providers — Palo Alto Networks, Pulse Secure and Fortinet — are ‘easy’ to remotely exploit.”

Once the SSL VPN server is compromised, attackers can infiltrate the Intranet and even take over all users connecting to the SSL VPN server.

According to https://www.tenable.com/blog/cve-2019-1579-critical-pre-authentication-vulnerability-in-palo-alto-networks-globalprotect-ssl

“The researchers found that popular ride-sharing service, Uber, was running an unpatched/vulnerable version of Palo Alto's GlobalProtect. They confirmed their exploit worked against Uber and reported their findings. Uber responded it did not use Palo Alto SSL VPN as its “primary VPN” and that it was hosted on Amazon Web Services (AWS) and not a part of the organization’s “core infrastructure,” which mitigated some of the potential impact of this vulnerability.

For more details about the vulnerability, please refer to: https://devco.re/blog/2019/07/17/attacking-ssl-vpn-part-1-PreAuth-RCE-on-Palo-Alto-GlobalProtect-with-Uber-as-case-study/

Palo Alto Networks issued a security advisory: https://securityadvisories.paloaltonetworks.com/Home/Detail/158 

SonicWall customers are not affected by this vulnerability.

SonicWall Engineering Team have tested and confirmed that SonicWall SSL-VPN products, including WAF, are NOT affected by this vulnerability.

SonicWall Secure Mobile Access (SMA) provides granular access control policy engine, context-aware device authorization, application-level VPN and advanced authentication with single sign-on that protects the corporate network against such malicious requests involving exploitable parameters/format strings aimed at gaining unauthorized access.

To ensure your SonicWall SMA is properly configured, please refer to our in-depth administration guide: https://www.sonicwall.com/support/technical-documentation/

Previous Alert
Last Day Order (LDO) notification for the SonicWall Universal Management Appliance UMA EM5000
Next Alert
Notice: Web Application Firewall (WAF) reaches End-of-Sale February 1, 2020
Empresa
RECURSOS POPULARES

Mantenha-se em Contato

  • Ao enviar este formulário, você concorda com nossos Termos de Uso e reconhece nossa Declaração de Privacidade. Você pode cancelar a assinatura a qualquer momento no Centro de preferências.
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • This field is for validation purposes and should be left unchanged.

© 2024 SonicWall. All Rights Reserved.