-
Products
-
SonicPlatform
SonicPlatform is the cybersecurity platform purpose-built for MSPs, making managing complex security environments among multiple tenants easy and streamlined.
Discover More
-
-
Solutions
-
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn MoreFederalProtect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn More - Industries
- Use Cases
-
-
Partners
-
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
Learn MorePartner PortalAccess to deal registration, MDF, sales and marketing tools, training and more
Learn More - SonicWall Partners
- Partner Resources
-
-
Support
-
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn MoreSupport PortalFind answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn More - Support
- Resources
- Capture Labs
-
- Company
- Contact Us
Security Advisory: SonicWall Not Affected by Critical Remote Code Execution Vulnerability (CVE-2019-1579)
First Published:08/05/2019
Last Updated:03/26/2020
What we know about the Critical Remote Code Execution Vulnerability (CVE-2019-1579)
Researchers have found several security flaws in popular corporate VPNs, which they say can be used to silently break into company networks and steal business secrets.
According to https://techcrunch.com/2019/07/23/corporate-vpn-flaws-risk/
“Devcore researchers Orange Tsai and Meh Chang said the flaws found in the three corporate VPN providers — Palo Alto Networks, Pulse Secure and Fortinet — are ‘easy’ to remotely exploit.”
Once the SSL VPN server is compromised, attackers can infiltrate the Intranet and even take over all users connecting to the SSL VPN server.
“The researchers found that popular ride-sharing service, Uber, was running an unpatched/vulnerable version of Palo Alto's GlobalProtect. They confirmed their exploit worked against Uber and reported their findings. Uber responded it did not use Palo Alto SSL VPN as its “primary VPN” and that it was hosted on Amazon Web Services (AWS) and not a part of the organization’s “core infrastructure,” which mitigated some of the potential impact of this vulnerability.”
For more details about the vulnerability, please refer to: https://devco.re/blog/2019/07/17/attacking-ssl-vpn-part-1-PreAuth-RCE-on-Palo-Alto-GlobalProtect-with-Uber-as-case-study/
Palo Alto Networks issued a security advisory: https://securityadvisories.paloaltonetworks.com/Home/Detail/158
SonicWall customers are not affected by this vulnerability.
SonicWall Engineering Team have tested and confirmed that SonicWall SSL-VPN products, including WAF, are NOT affected by this vulnerability.
SonicWall Secure Mobile Access (SMA) provides granular access control policy engine, context-aware device authorization, application-level VPN and advanced authentication with single sign-on that protects the corporate network against such malicious requests involving exploitable parameters/format strings aimed at gaining unauthorized access.
To ensure your SonicWall SMA is properly configured, please refer to our in-depth administration guide: https://www.sonicwall.com/support/technical-documentation/
Follow Us
© 2024 SonicWall. All Rights Reserved.