- Products
- Network Security
Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
Security ServicesComprehensive security for your network security solution
Capture Security applianceAdvanced Threat Protection for modern threat landscape
Network Security ManagerModern Security Management for today’s security landscape
- Access Security
Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
Secure Mobile AccessRemote, best-in-class, secure access
Wireless Access PointsEasy to manage, fast and secure Wi-FI
SwitchesHigh-speed network switching for business connectivity
- Cloud Security
Cloud App SecurityVisibility and security for Cloud Apps
Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
Capture ClientStop advanced threats and rollback the damage caused by malware
Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
- Support Widget
- Products
- Network Security
- Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
- Security ServicesComprehensive security for your network security solution
- Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Network Security ManagerModern Security Management for today’s security landscape
- Access Security
- Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
- Secure Mobile AccessRemote, best-in-class, secure access
- Wireless Access PointsEasy to manage, fast and secure Wi-FI
- SwitchesHigh-speed network switching for business connectivity
- Cloud Security
- Cloud App SecurityVisibility and security for Cloud Apps
- Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
- Capture ClientStop advanced threats and rollback the damage caused by malware
- Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
- Support Widget
SonicWall Critical Product Notification - GMS and Analyzer mandatory hotfix
12/20/2019
DESCRIPTION:
GMS and Analyzer Systems
Critical Product Notification
Dear Customer,
An urgent, mandatory hotfix is required to be applied immediately to GMS and Analyzer systems to resolve a high-severity vulnerability.
A set of login authentication vulnerabilities has been discovered in SonicWALL GMS and Analyzer systems. These vulnerabilities are design flaws and none of them are a “backdoor” as erroneously reported in the press.
Please immediately install a mandatory Hotfix for the products listed below. This Hotfix will remove the vulnerability and prevent an attacker from exploiting the application.
See the Support Bulletin and Knowledge Base article for more information. The Hotfix can be downloaded from www.mysonicwall.com. The Release Note found on MySonicWALL.com contains instructions on how to apply the hotfix.
Affected Products
- Dell SonicWALL Appliances
- GMS
- Analyzer
Affected Software Versions
- GMS/Analyzer 8.x
- GMS/Analyzer/UMA 7.x
Issue Summary
GMS/Analyzer contains vulnerabilities that could allow an unauthenticated, remote attacker to and gain administrative access to the GMS.
Resolution
Dell SonicWALL requires that all affected customers immediately install mandatory Hotfix #174525 to remove the vulnerability. This Hotfix can be downloaded from www.mysonicwall.com.
Sincerely,
The SonicWALL Customer Support Team