Product Security Notice: SMA 100 Series Vulnerability Patches (Q4 2021)

First Published: 12/01/2021    Last Updated: 12/09/2021

SonicWall has verified and patched vulnerabilities of medium, high and critical severity (CVSS 5.3 to 9.8) in SMA 100 series appliances, which include the SMA 200, 210, 400, 410 and 500v products. SMA 100 series appliances with WAF enabled are also impacted by the majority of these vulnerabilities.


IMPORTANT: There is no evidence that these vulnerabilities are being exploited in the wild.


Details for each patch can be found in PSIRT Advisory SNWLID-2021-0026.


SonicWall strongly urges that organizations follow the guidance below to patch SMA 100 series products, which include SMA 200, 210, 400, 410 and 500v appliances.


TEMPORARY MITIGATIONS

There are no temporary mitigations. SonicWall urges impacted customers to implement applicable patches as soon as possible. 


RESOLUTION

Organizations using SMA 100 series appliances should immediately log in to MySonicWall.com to upgrade their appliances to the patched firmware versions outlined below. For upgrade assistance, please reference the KB article, “How to Upgrade Firmware on SMA 100 Series Appliances” or contact SonicWall support.



Impacted Platform: SMA 100 Series
SMA 200, 210, 400, 410, 500v (ESX, Hyper-V, KVM, AWS, Azure)
Issue ID | CVE | Summary | CVSS Score (severity per CVSS v3.x qualitative scale)
    Impacted Firmware  ->  Fixed Firmware

SMA-3217 | CVE-2021-20038 | Unauthenticated Stack-based Buffer Overflow | 9.8 Critical
    10.2.1.0-17sv (and earlier)  ->  10.2.1.3-27sv
    10.2.1.1-19sv (and earlier)  ->  10.2.1.3-27sv
    10.2.1.2-24sv (and earlier)  ->  10.2.1.3-27sv

SMA-3204 | CVE-2021-20039 | Authenticated Command Injection Vulnerability as Root | 7.2 High
    9.0.0.11-31sv* (and earlier)  ->  10.2.0.9-41sv
    10.2.0.8-37sv (and earlier)   ->  10.2.0.9-41sv
    10.2.1.1-19sv (and earlier)   ->  10.2.1.3-27sv

SMA-3206 | CVE-2021-20040 | Unauthenticated File Upload Path Traversal Vulnerability | 6.5 Medium
    10.2.0.8-37sv (and earlier)   ->  10.2.0.9-41sv
    10.2.1.1-19sv (and earlier)   ->  10.2.1.3-27sv

SMA-3207 | CVE-2021-20041 | Unauthenticated CPU Exhaustion Vulnerability | 7.5 High
    9.0.0.11-31sv*                ->  10.2.0.9-41sv
    10.2.0.8-37sv (and earlier)   ->  10.2.0.9-41sv
    10.2.1.1-19sv (and earlier)   ->  10.2.1.3-27sv

SMA-3208 | CVE-2021-20042 | Unauthenticated "Confused Deputy" Vulnerability | 6.3 Medium
    9.0.0.11-31sv* (and earlier)  ->  10.2.0.9-41sv
    10.2.0.8-37sv (and earlier)   ->  10.2.0.9-41sv
    10.2.1.1-19sv (and earlier)   ->  10.2.1.3-27sv

SMA-3231 | CVE-2021-20043 | getBookmarks Heap-based Buffer Overflow | 8.8 High
    10.2.0.8-37sv (and earlier)   ->  10.2.0.9-41sv
    10.2.1.1-19sv (and earlier)   ->  10.2.1.3-27sv

SMA-3233 | CVE-2021-20044 | Post-Authentication Remote Code Execution (RCE) | 7.2 High
    10.2.0.8-37sv (and earlier)   ->  10.2.0.9-41sv
    10.2.1.1-19sv (and earlier)   ->  10.2.1.3-27sv

SMA-3235 | CVE-2021-20045 | Multiple Unauthenticated File Explorer Heap-based and Stack-based Buffer Overflows | 9.4 Critical
    10.2.0.8-37sv (and earlier)   ->  10.2.0.9-41sv
    10.2.1.1-19sv (and earlier)   ->  10.2.1.3-27sv

* 9.0.0 firmware is end of support (see NOTE below); there is no fixed 9.0.0 build, and affected appliances must move to 10.2.0.9-41sv or later.



NOTE: Support for 9.0.0 firmware (versions marked * above) ended on 10/31/2021. Customers still running that firmware are requested to upgrade to the latest 10.2.x version.
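The upgrade decision above depends on two things an inventory script has to get right: the release branch an appliance is on (9.0.0, 10.2.0 or 10.2.1 each have a different fixed build) and whether its build number is at or above that branch's fix. The following is an added example, not SonicWall code, that parses the vendor's "MAJOR.MINOR.PATCH.BUILD-NNsv" version string and checks it against the table in this notice, returning the CVEs that still apply and the build to install. The function names, the tolerance for stray whitespace (the table itself prints "10.2.1.1 -19sv"), and the sample inventory at the bottom are assumptions made for this example; the affected ranges and fixed builds are transcribed from the table.

```python
"""Check an SMA 100 series firmware string against the fixed builds in this notice."""
import re

# Per CVE: (branch, last affected build, fixed build), transcribed from the table.
# "Last affected" is inclusive and stands for "(and earlier)" on that branch.
# CVE-2021-20038 lists 10.2.1.0-17sv, 10.2.1.1-19sv and 10.2.1.2-24sv as separate
# rows; they collapse to a single upper bound of 10.2.1.2-24sv.
AFFECTED = {
    "CVE-2021-20038": [((10, 2, 1), "10.2.1.2-24sv", "10.2.1.3-27sv")],
    "CVE-2021-20039": [((9, 0, 0), "9.0.0.11-31sv", "10.2.0.9-41sv"),
                       ((10, 2, 0), "10.2.0.8-37sv", "10.2.0.9-41sv"),
                       ((10, 2, 1), "10.2.1.1-19sv", "10.2.1.3-27sv")],
    "CVE-2021-20040": [((10, 2, 0), "10.2.0.8-37sv", "10.2.0.9-41sv"),
                       ((10, 2, 1), "10.2.1.1-19sv", "10.2.1.3-27sv")],
    "CVE-2021-20041": [((9, 0, 0), "9.0.0.11-31sv", "10.2.0.9-41sv"),
                       ((10, 2, 0), "10.2.0.8-37sv", "10.2.0.9-41sv"),
                       ((10, 2, 1), "10.2.1.1-19sv", "10.2.1.3-27sv")],
    "CVE-2021-20042": [((9, 0, 0), "9.0.0.11-31sv", "10.2.0.9-41sv"),
                       ((10, 2, 0), "10.2.0.8-37sv", "10.2.0.9-41sv"),
                       ((10, 2, 1), "10.2.1.1-19sv", "10.2.1.3-27sv")],
    "CVE-2021-20043": [((10, 2, 0), "10.2.0.8-37sv", "10.2.0.9-41sv"),
                       ((10, 2, 1), "10.2.1.1-19sv", "10.2.1.3-27sv")],
    "CVE-2021-20044": [((10, 2, 0), "10.2.0.8-37sv", "10.2.0.9-41sv"),
                       ((10, 2, 1), "10.2.1.1-19sv", "10.2.1.3-27sv")],
    "CVE-2021-20045": [((10, 2, 0), "10.2.0.8-37sv", "10.2.0.9-41sv"),
                       ((10, 2, 1), "10.2.1.1-19sv", "10.2.1.3-27sv")],
}

# Assumed format MAJOR.MINOR.PATCH.BUILD-NNsv; whitespace around "-" is tolerated
# because the notice itself prints versions like "10.2.1.1 -19sv".
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)\.(\d+)\s*-\s*(\d+)\s*sv\s*$")


def parse_version(text):
    """Return (major, minor, patch, build, sv) as a tuple of ints."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError("unrecognised SMA firmware version: %r" % (text,))
    return tuple(int(g) for g in m.groups())


def applicable_cves(text):
    """Return {cve: fixed_build} for every CVE whose affected range covers `text`.

    A version is covered when it is on the same branch (first three fields) and
    its (build, sv) is not above the last affected build for that branch.
    """
    v = parse_version(text)
    branch = v[:3]
    hits = {}
    for cve, ranges in AFFECTED.items():
        for rng_branch, last_affected, fixed in ranges:
            if branch == rng_branch and v <= parse_version(last_affected):
                hits[cve] = fixed
    return hits


def assess(text):
    """Summarise one appliance's exposure as (status, upgrade_target, cves).

    status: "vulnerable", "patched", "end-of-support" (9.0.0 build not in the
    table, still must move to 10.2.x) or "not-in-table" (a branch this notice
    does not list; consult the PSIRT advisory).
    """
    hits = applicable_cves(text)
    if hits:
        # Within one branch every CVE in the table points at the same fixed build.
        return "vulnerable", next(iter(hits.values())), sorted(hits)
    branch = parse_version(text)[:3]
    if branch == (9, 0, 0):
        return "end-of-support", "10.2.0.9-41sv", []
    listed = {b for ranges in AFFECTED.values() for b, _, _ in ranges}
    if branch in listed:
        return "patched", None, []
    return "not-in-table", None, []


if __name__ == "__main__":
    # Constructed sample inventory for illustration, not real appliances.
    for fw in ["10.2.1.1 -19sv", "10.2.1.2-24sv", "10.2.1.3-27sv",
               "10.2.0.8-37sv", "9.0.0.11-31sv", "10.2.2.0-1sv"]:
        print(fw.ljust(16), assess(fw))
```

Note what the table-driven check shows that a plain "is it below 10.2.1.3-27sv" test would not: 10.2.1.2-24sv is affected only by CVE-2021-20038, while 10.2.1.1-19sv is affected by all eight, and anything on 9.0.0 has no fixed build on its own branch and must change branch to 10.2.0.9-41sv.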
