Overview
SonicWall Secure Mobile Access (SMA) 1000 series (12.4.2 firmware only) contains a pre-authentication path traversal vulnerability (CVE-2023-0126).
IMPORTANT: SonicWall PSIRT is not aware of active exploitation against this vulnerability in the wild, nor has a proof of concept (POC) been made public.
Impact
CVE-2023-0126 is a path traversal vulnerability (CVSS 7.5) that potentially allows an unauthenticated threat actor access to files and directories stored outside the web root directory.
- SMA 1000 12.4.2 is the only firmware impacted.
Resolution
SonicWall engineering published a patch for this vulnerability.
- Organizations using SMA 12.4.2 firmware should immediately visit MySonicWall.com to download and apply hotfix firmware 12.4.2-05352.
- SMA 1000 12.4.2 is the only firmware under potential risk. No other versions of firmware are impacted.
- The SMA 1000 series includes SMA 6200, 6210, 7200, 7210, 8200v and CMS.
Workaround
- Until the patch is applied, SonicWall strongly recommends administrators limit SMA 1000 access to trusted sources (and/or disable access from untrusted Internet sources).
- Restrict access for Port 8443 to only trusted IP addresses in your organization that need to manage SMA 1000 appliances.
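As an added illustration of the two points above (pre-authentication path traversal on the management interface, and restricting port 8443 to trusted sources), the following script is example code written for this page, not SonicWall's own tooling. It scans constructed request log lines, decodes URL-encoded and double-encoded path segments before looking for traversal, and flags management-port requests that come from outside an assumed trusted admin range; the log format, IP ranges and paths are all constructed assumptions.

```python
import ipaddress
import re
from urllib.parse import unquote

# Constructed sample log lines (assumed format: client IP, destination port,
# method, request path). They are not captured from any real SMA 1000 appliance.
SAMPLE_LOGS = [
    "203.0.113.7 8443 GET /index.html",
    "203.0.113.7 8443 GET /static/../../etc/passwd",
    "198.51.100.22 8443 GET /static/..%2f..%2fetc%2fpasswd",
    "198.51.100.22 8443 GET /static/..%252f..%252fetc%252fpasswd",
    "10.0.0.5 8443 GET /static/../../etc/passwd",
    "10.0.0.5 443 GET /portal/login",
]

# Assumed trusted administrative network; the advisory says to restrict 8443 to such ranges.
TRUSTED_ADMIN_NETS = [ipaddress.ip_network("10.0.0.0/8")]
MGMT_PORT = 8443

# A ".." path segment bounded by slashes (or path start/end) after normalization.
TRAVERSAL_SEGMENT = re.compile(r"(^|/)\.\.(/|$)")


def normalize_path(path: str) -> str:
    """Repeatedly URL-decode (catches %2f and double-encoded %252f) and fold backslashes."""
    prev, cur = None, path
    for _ in range(3):  # bounded so a hostile input cannot make this loop forever
        if cur == prev:
            break
        prev, cur = cur, unquote(cur)
    return cur.replace("\\", "/")


def has_traversal(path: str) -> bool:
    return bool(TRAVERSAL_SEGMENT.search(normalize_path(path)))


def is_trusted(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in TRUSTED_ADMIN_NETS)


def analyze(lines):
    """Return (ip, path, reasons) for every management-port request worth reviewing."""
    findings = []
    for line in lines:
        ip, port, _method, path = line.split()
        if int(port) != MGMT_PORT:
            continue  # only the management interface is in scope for this check
        reasons = []
        if not is_trusted(ip):
            reasons.append("untrusted-source")  # violates the port 8443 restriction
        if has_traversal(path):
            reasons.append("traversal")  # path escapes the web root after decoding
        if reasons:
            findings.append((ip, path, reasons))
    return findings
```

Running `analyze(SAMPLE_LOGS)` flags the four untrusted-source requests and the one trusted-source request that still carries a traversal sequence, while ignoring the port 443 portal request.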
Resources