Support on SonicWall Products, Services and Solutions
Browse Knowledgebase by Category
SWEET32 vulnerability of 64 bit ciphers (3DES/Blowfish) - CVE-2016-2183
03/26/2020 99 15161
A vulnerability scan on the HTTPS management port or SSL-VPN port shows that the SonicWall is vulnerable to the SWEET 32 attack on 64 bit ciphers (3DES/Blowfish)
Unaffected firmware versions:
- 22.214.171.124-32n and above
- 126.96.36.199-20n and above
- 188.8.131.52-23n and above
- 184.108.40.206-10o and above
Affected firmware versions:
- 220.127.116.11-26n and below
- 18.104.22.168-41n and below
- 22.214.171.124-27n and below
- 126.96.36.199-2o and below
- 188.8.131.52-13o and below
Previous SonicWall firmware allows the use of 3DES for TLS connections and is therefore vulnerable to the SWEET 32 attack described in CVE-2016-2183.
This issue has been fixed in the latest general release firmware.
To download release notes and firmware please visit www.mysonicwall.com. To upgrade SonicOS firmware please see How to Upgrade SonicOS Firmware.