SonicWall Statement on VPNFilter

12/20/2019

DESCRIPTION:

SonicWall firewalls and other appliances are not impacted by VPNFilter.

SonicWall researchers are continuing to monitor developments surrounding VPNFilter and have so far confirmed that no SonicWall appliances are impacted by the malware. SonicWall customers are being advised that there is no need to reboot or take any action on any SonicWall appliance.

On May 23 2018, researchers at Cisco Talos published a report documenting a new sophisticated modular malware system known as VPNFilter.

More than 500,000 devices around the world are said to be infected with this malware – most of them are consumer internet routers from a range of different vendors.

Below is a list of routers Symantec identified as vulnerable to VPNFilter.

    Linksys E1200

    Linksys E2500

    Linksys WRVS4400N

    Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072

    Netgear DGN2200

    Netgear R6400

    Netgear R7000

    Netgear R8000

    Netgear WNR1000

    Netgear WNR2000

    QNAP TS251

    QNAP TS439 Pro

    Other QNAP NAS devices running QTS software

    TP-Link R600VPN

"No other vendors, including Cisco, have been observed as infected by VPNFilter, but our research continues," according to Cisco Talos, which first reported the bug.

SonicWall researchers are continuing to monitor developments surrounding VPNFilter but have so far confirmed that no SonicWall appliances are impacted by the malware. SonicWall customers are being advised that there is no need to reboot or take any action on any SonicWall appliance.

If you use one of the routers that have been identified as vulnerable to VPNFIlter, we recommend following the directions issued by the manufacturer. The following is a list of security advisories and responses published by the companies impacted to date:

- QNAP

- MikroTik

- Netgear