Product Notifications

Recent Notifications

Notifications by Category

October 2021

10/28/2021

What is the vulnerability?A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains. The following SonicWall products are impacted by this non-critical vulnerability:PlatformsImpacted VersionTZ, NSa (GEN7)7.0.1-R1262 and olderNSv (Virtual GEN7)7.0.1-R1283 and olderNSsp (GEN7)7.0.1-R579 and olderNSa, TZ, SOHO W, SuperMassive 92xx/94xx/96xx (GEN6+)6.5.4.7 and olderNSsp 12K, SuperMassive 98006.5.1.12 and olderSuperMassive 10K6.0.5.3-94o and olderNSv (Virtu

September 2021

09/24/2021

A critical vulnerability (CVSS 9.1) in SMA 100 series appliances, which includes SMA 200, 210, 400, 410 and 500v, could potentially allow a remote unauthenticated attacker the ability to delete arbitrary files from a SMA 100 series appliance and potentially gain administrator access to the device.The vulnerability (SNWLID-2021-0021) is due to an improper limitation of a file path to a restricted directory potentially leading to arbitrary file deletion as ‘nobody.’There is no evidence that this vulnerability is being exploited in the wild.SonicW

August 2021

08/10/2021

Some versions of SonicWall Analytics On-Prem contain a critical (CVSSv3 9.8) Java Debug Wire Protocol (JWDP) service vulnerability that potentially can be leveraged by a remote, unprivileged user to execute arbitrary code within the system.SonicWall PSIRT is not aware of active exploitation in the wild.ImpactThe vulnerability allows for unauthenticated remote exploitation. Deployment of SonicWall Analytics 2.5 and earlier are ‘on-prem’ and should be in a secure network segmentation not exposed to the internet. Temporary MitigationsUntil the bel

July 2021

07/15/2021

Through the course of collaboration with trusted third parties, including Mandiant, SonicWall has been made aware of threat actors actively targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x firmware in an imminent ransomware campaign using stolen credentials. The exploitation targets a known vulnerability that has been patched in newer versions of firmware.SonicWall PSIRT strongly suggests that organizations still using 8.x firmware review the information below an

07/08/2021

Multiple Out-of-Bound read vulnerability in SonicWall Switch when handling LLDP Protocol allows an attacker to cause a crash or potentially read sensitive information from the memory locations.OverviewSonicWall Switches running certain versions of impacted firmware may contain a vulnerability that could be leveraged for an OOB (Out-Of-Bounds) read by sending a specially crafted LLDP packet.ImpactOut-of-bounds Read allow attackers to cause a SonicWall switch crash or potentially read sensitive information from other memory locations. A crash can

June 2021

06/22/2021

SonicWall physical and virtual firewalls running certain versions of SonicOS may contain a vulnerability where the HTTP server response leaks partial memory. This can potentially lead to an internal sensitive data disclosure vulnerability.At this time, there is no indication that the discovered vulnerability is being exploited in the wild.RESOLUTIONSonicWall strongly advises customers apply the respective SonicOS patch immediately. After reviewing this security advisory, please go to MySonicWall and download the appropriate SonicOS patch releas

06/15/2021

UPDATE: June 15, 2021 | 10 a.m. PDTAdditional analysis confirms that one of the requirements for the vulnerability to be triggered is that the potential attack must come from the same origin IP as the active management session. That requires the admin to either have their machine compromised, or the attacker and the admin reside on the same remote network. Both of these scenarios are exceptionally unlikely. While we have yet to see this vulnerability exploited in the wild, SonicWall still recommends the upgrade for all impacted users.June 14, 2

06/15/2021

SonicWall is aware of a new vulnerability, reported by CrowdStrike, impacting end-of-life Secure Remote Access (SRA) products, specifically the SRA 4600 running an old version of firmware (9.0.0.9-26sv or earlier). In February 2021, SonicWall released SMA firmware 10.2.0.7 and 9.0.0.10 to fix a zero-day vulnerability, along with additional comprehensive code-strengthening. This strengthening proactively prevented this newly reported vulnerability in 9.0.0.10. Organizations that already upgraded to the 9.0.0.10 firmware are already protected ag

May 2021

05/27/2021

May 27, 2021, 11:30 a.m. PDT.SonicWall has validated and patched a post-authentication vulnerability (SNWLID-2021-0014) within the on-premises version of Network Security Manager (NSM). This vulnerability only impacts on-premises NSM deployments. SaaS versions of NSM are not affected.This critical vulnerability potentially allows a user to execute commands on a device’s operating system with the highest system privileges (root).SonicWall customers using the on-premises NSM versions outlined below should upgrade to the respective patched version

05/20/2021

Update: May 20, 2021. 10 a.m. PDT.SonicWall engineering has completed the fix to remove duplicate client entries for all tenants that are not using static groups within Capture Client 3.6. If you are such a customer and still have issues, please contact SonicWall Technical Support.IssueActionsStatusSlowness, longer-than-normal load times or timeout errors while working within the Capture Client 3.6 management console.Performance improvements applied by SonicWall on May 19, 2021.ResolvedInstances of clients displaying an “Unlicensed” status or d

April 2021

04/29/2021

Update: April 29, 2021, 12:30 P.M. CSTSonicWall is announcing the availability of new firmware versions for both 10.x and 9.x code on the SMA 100 series products, comprised of SMA 200, 210, 400, 410 physical appliances and the SMA 500v virtual appliance.Upgrade StepsAll organizations using SMA 10.x or SMA 9.x firmware should immediately implement the following:Upgrade to the latest SMA 100 series firmware available from www.mysonicwall.com.SMA 100 series 10.x customers should upgrade to 10.2.0.7-34sv firmware.SMA 100 series 9.x customers should

04/20/2021

Through the course of standard collaboration and testing, SonicWall has verified, tested and published patches to mitigate three zero-day vulnerabilities to its hosted and on-premises email security products.In at least one known case, these vulnerabilities have been observed to be exploited ‘in the wild.’ It is imperative that organizations using SonicWall Email Security hardware appliances, virtual appliances or software installation on Microsoft Windows Server immediately upgrade to the respective SonicWall Email Security version listed belo

March 2021

03/08/2021

SonicWall will be updating IP addresses for the Hosted Email Security (HES) platform in North America. NOTE:  HES for Europe does not need to update IPs.Network administrators will need to update access rules to allow for the following HES subnets:173.240.210.0/24173.240.213.0/24173.240.214.0/24204.212.170.0/24The subnets can also be found in the HES FAQ KB article and firewall settings.HES FAQ KB article: https://www.sonicwall.com/support/knowledge-base/sonicwall-hosted-email-security-faq/170504903060180/Firewall rules for HES: https

January 2021

01/15/2021

Updated January 15, 2021The U.S. Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) have confirmed that malicious threat actors have been and are actively exploiting vulnerabilities in SolarWinds Orion products, specifically affecting versions 2019.4 through 2020.2 HF1. These malware variants are capable of transferring data, file execution, system profiling, rebooting and more.Both SolarWinds and the CISA strongly suggest that organizations using SolarWinds Orion verify the version they’re run

October 2020

10/28/2020

The SonicWall Product Security Incident Response Team (PSIRT) collaborated with a third-party research firm to test, confirm and correct discovered vulnerabilities related to physical and virtual SonicWall next-generation firewall appliances. These findings included:In some cases, vulnerabilities allowed remote attackers to cause Denial of Service (DoS) attacks against a firewall, which may lead to an appliance crash.In some cases, there existed a cross-site scripting (XSS) vulnerability in the firewall's SSL-VPN portal as well as possible user

10/28/2020

Knowledge BaseHow Do I Configure The SSL-VPN Feature For Use With NetExtender Or Mobile Connect?How Can I Enable Port Forwarding And Allow Access To A Server Through The SonicWall?How Can I Configure WAN GroupVPN For Connecting With Global VPN Client?How Can I Setup SSL-VPN?L2TP VPN Configuration On Mac OS XPornographic Websites Not Blocked Due To "Not Rated" CategorizationHow Do I Recover Or Reset The Administrator Password For A SonicWall Firewall Appliance?How To Configure High Availability (HA)SSL VPN Client Is Connected And Authenticated B

September 2020

09/17/2020

There exists a potential domain name collision vulnerability in SonicWall SSL-VPN technology that could result from a security misconfiguration of the impacted products.SonicWall is not aware that the reported vulnerability has been exploited or that any customer has been negatively impacted by the vulnerability.A domain name collision occurs when an attempt to resolve a name used in a private namespace (e.g., under a non-delegated top-level domain, or a short, unqualified name) results in a query to the public Domain Name System (DNS). When th

09/17/2020

A vulnerability in SonicWall’s cloud-based product registration system that was publicly reported by a media outlet was quickly researched, verified and promptly patched on August 26, 2020. Approximately two weeks earlier, SonicWall identified the reported vulnerability (SNWLID-2020-0005) as part of its PSIRT program, and rapidly created a fix that underwent full testing and certification.At no time did SonicWall detect, or become aware of, any attempted exploitation of the vulnerability in the cloud-based product registration system. The fix w

09/17/2020

SonicWall SwitchesSonicWall Switches offer multi-gigabit wired performance that lets you rapidly scale your branch networks through remote installation. Available in seven models — ranging from eight to 48 ports, with gigabit and 10 gigabit ethernet ports — SonicWall Switches deliver network switching that accommodates the growing number of mobile and IoT devices in branch locations and provides the network performance needed to support cloud-delivered applications. SonicWall Switches also fit seamlessly into your existing SonicWall ecosystem,

09/17/2020

As of 2/13/2020 Chrome has updated to version 80.0.3987.106 which no longer causes issues with firewall management.In February 2020 Chrome released software version 80. In this version there were changes made to how cookies and JavaScript are handled. Due to this update, SonicWall firewalls using the self-signed certificate, are not able to be managed. Firewalls that use a trusted certificate (for example a GoDaddy CA root) are not affected by this Chrome update.Our engineering teams are working on this issue to provide a resolution to customer

Product Categories

Analyzer

06/04/2020

As previously announced, SonicWall Analyzer 8.5 reached “End of Support” on the 24 April, 2020.Please see the SonicWall Analyzer product Lifecycle page: https://www.SonicWall.com/support/product-Lifecycle-tables/SonicWall-analyzer/software/.As the Analyzer license is perpetual and hence does not expire, customers can continue to use Analyzer. However, since 24 April 2020,  any new cases logged will not be supported. This includes patches, bug fixes and new feature updates.SonicWall On-premise Analytics 2.5 is the replacement
GMS

03/26/2020

SonicWall will discontinue support for Infobright MYSQL reporting database in GMS/Analyzer on November 30, 2018 All GMS/Analyzer customers using Infobright MYSQL reporting database must migrate from Infobright MYSQL reporting database to PostGres reporting database on or before November 30, 2018 to continue availing support services on GMS/Analyzer reporting.SonicWall will continue supporting PostGres reporting database in GMS/Analyzer. Please refer the to the following knowledge base article for more details: GMS Upgrade Matrix and Considerati

12/20/2019

The disclosure by Palo Alto Networks Unit 42 is not a vulnerability to the current SonicWall Global Management System (GMS). The issue referenced only affects older versions of the GMS software (versions 8.1 or earlier; no longer supported). GMS 8.1 was replaced by version 8.2 in December 2016. Customers and partners running GMS 8.2 and newer are not vulnerable. SonicWall and the Capture Labs threat research team continuously update its products to provide industry-leading protection against the latest security threats, so it is crucial that cu
NSA Series

03/26/2020

Active Retirement Mode Announcement SonicWall is initiating the Active Retirement Mode (ARM) notification for the SonicWall NSA E6500.  Active Retirement Mode is the second phase of the SonicWall End of Life process outlined at the end of this document.  During this phase SonicWall will no longer actively manufacture or sell the products listed below.  In addition, SonicWall may release a limited number of new features and will issue bug fixes only to the latest version of firmware available for the device After the ARM phase ha

03/26/2020

SonicWall previously announced that the SonicWall Enforced Client offerings (both McAfee and Kaspersky) are End of Life (EOL) and no longer available for purchase starting April 2018. McAfee also previously announced an EOL for the endpoint technology that was used; with Kaspersky it was a strategic decision to no longer sell the product due to government concerns raised by the product around data privacy. SonicWall now announces the End of Support dates for SonicWall Enforced Client as follows: January 11th 2019 – Limited Support for SonicWal

12/20/2019

The Sonicwall Capture Labs Threats Research team have come across a variant of the DesuCrypt ransomware called InsaneCrypt.  This variant uses RC4 encryption and encrypts files immediately upon execution.  Unlike earlier ransomware, there are no threatening countdown timers and ransom payments amounts immediately presented to the victim.  Instead, as is the growing trend with most ransomware today, the victim must communicate with the operator via email for further instructions. Detected as: InsaneCrypt.RSM InsaneCrypt.RSM_2 BTC

12/20/2019

What Is Bad Rabbit Ransomware? On Tuesday, Oct. 24, a new strand of ransomware named Bad Rabbit appeared in Russia and the Ukraine and spread throughout the day. It first was found after attacking Russian media outlets and large organizations in the Ukraine. The initial installer masquerades as a Flash update.  Interestingly, this malware contains a list of hardcoded Windows credentials, most likely to brute force entry into devices on the network, according to SonicWall Capture Labs Threat researchers.  Are SonicWall Customers Prote

12/20/2019

Active Retirement Mode AnnouncementDell SonicWALL is initiating the Active Retirement Mode (ARM) notification for the Dell SonicWALL NSA 220 series.  Active Retirement Mode is the second phase of the Dell SonicWALL End of Life process outlined at the end of this document.  During this phase Dell SonicWALL will no longer actively manufacture or sell the products listed below.  In addition, Dell SonicWALL may release a limited number of new features and will issue bug fixes only to the latest version of firmware available for the

12/20/2019

SonicWall has received notification of a tech scam that involves entities posing as authorized SonicWall partners, often to gain access to the systems or computers of individual consumers and small businesses. SonicWall has confirmed that these parties are not authorized SonicWall distributors or partners, and that they are using non-standard approaches like requesting access to an end user’s computer, asking end users download files onto their device or demand sensitive personal or financial information. SonicWall sells its network security so

12/20/2019

SonicWall - Last Day Order Announcement for SonicWall NSA 250M Wireless Model Last day Order Announcement SonicWall is initiating the Last Day Order (LDO) notification for the SonicWall NSA 250M Wireless.  Last Day Order is the first phase of the SonicWall End of Life process outlined at the end of this document.  During this phase, authorized SonicWall partners and distributors may purchase NSA 250M Wireless hardware SKUs from SonicWall.  After the LDO phase has ended, SonicWall will no longer accept orders for the SKU
NSA SeriesTZ Series

12/20/2019

This week, the SonicWall Capture Labs Threat Research Team has received reports of  unsolicited emails that came  with a link to download a fake UPS shipping label creator which dropped a malicious jar file only to install a RAT. Sonicwall Capture Labs provides protection against this threat with the following signatures: GAV: Java.Fake.UPS (Trojan) GAV: Jrat.A (Trojan) Full details about this threat can be found on our Security Center. Follow us on Twitter for real time threat updates: https://twitter.com/SonicWall  
NSa Series

10/28/2021

What is the vulnerability?A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains. The following SonicWall products are impacted by this non-critical vulnerability:PlatformsImpacted VersionTZ, NSa (GEN7)7.0.1-R1262 and olderNSv (Virtual GEN7)7.0.1-R1283 and olderNSsp (GEN7)7.0.1-R579 and olderNSa, TZ, SOHO W, SuperMassive 92xx/94xx/96xx (GEN6+)6.5.4.7 and olderNSsp 12K, SuperMassive 98006.5.1.12 and olderSuperMassive 10K6.0.5.3-94o and olderNSv (Virtu
Secure Mobile Access

07/15/2021

Through the course of collaboration with trusted third parties, including Mandiant, SonicWall has been made aware of threat actors actively targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x firmware in an imminent ransomware campaign using stolen credentials. The exploitation targets a known vulnerability that has been patched in newer versions of firmware.SonicWall PSIRT strongly suggests that organizations still using 8.x firmware review the information below an

12/20/2019

The SMA 1000 and SMA 100 series depend on device ID's to apply End Point Control (EPC) policies to end users. Device ID's are generated at the time an end user connects to an SMA appliance using Mobile Connect. Recently Apple has changed security guidelines for third party apps. Apps can no longer pull or use device hardware ID's due to privacy concerns (https://developer.apple.com/reference/uikit/uidevice/1620059-identifierforvendor). Because of this recent change end users with Mobile Connect 5 may no longer recieve correct EPC policies. Any

12/20/2019

On February 8, 2018, a SMA WAF signature update was pushed to all customers that have enabled WAF on the SonicWall Secure Mobile Access appliance. This is a typical occurrence, however, two signatures displayed a negative impact on ActiveSync connections, commonly associated with webmail. Upon discovery, SonicWall initiated the process to retract the update until the offending signatures have been corrected. If you are negatively impacted by this update please perform the provided workaround until the signatures are automatically corrected: Nav
SonicPoint Series

12/20/2019

On January 4th, 2018 security researchers made public earlier findings on two processor vulnerabilities known as Spectre and Meltdown. Variants of this issue are known to affect many modern processors, including certain processors by Intel, AMD and ARM. So far, we are tracking and providing updates on the following three known variants of the issue:    Variant 1: bounds check bypass (CVE-2017-5753)    Variant 2: branch target injection (CVE-2017-5715)    Variant 3: rogue data cache load (CVE-2017-575

12/20/2019

On October 16, 2017 security researchers made public earlier findings in which they demonstrated fundamental design flaws in WPA2 that could theoretically lead to man-in-the-middle (MITM) attacks using key reinstallation attacks (KRACKs). Exploiting the vulnerability could enable cyber criminals to steal confidential information such as email, credit card numbers, passwords and more. The WPA2 design flaws are protocol vulnerabilities and are not implementation specific. Both wireless access points and wireless clients are susceptible. Details o
Support Alert

01/15/2021

Updated January 15, 2021The U.S. Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) have confirmed that malicious threat actors have been and are actively exploiting vulnerabilities in SolarWinds Orion products, specifically affecting versions 2019.4 through 2020.2 HF1. These malware variants are capable of transferring data, file execution, system profiling, rebooting and more.Both SolarWinds and the CISA strongly suggest that organizations using SolarWinds Orion verify the version they’re run

05/27/2021

May 27, 2021, 11:30 a.m. PDT.SonicWall has validated and patched a post-authentication vulnerability (SNWLID-2021-0014) within the on-premises version of Network Security Manager (NSM). This vulnerability only impacts on-premises NSM deployments. SaaS versions of NSM are not affected.This critical vulnerability potentially allows a user to execute commands on a device’s operating system with the highest system privileges (root).SonicWall customers using the on-premises NSM versions outlined below should upgrade to the respective patched version

05/20/2021

Update: May 20, 2021. 10 a.m. PDT.SonicWall engineering has completed the fix to remove duplicate client entries for all tenants that are not using static groups within Capture Client 3.6. If you are such a customer and still have issues, please contact SonicWall Technical Support.IssueActionsStatusSlowness, longer-than-normal load times or timeout errors while working within the Capture Client 3.6 management console.Performance improvements applied by SonicWall on May 19, 2021.ResolvedInstances of clients displaying an “Unlicensed” status or d

04/29/2021

Update: April 29, 2021, 12:30 P.M. CSTSonicWall is announcing the availability of new firmware versions for both 10.x and 9.x code on the SMA 100 series products, comprised of SMA 200, 210, 400, 410 physical appliances and the SMA 500v virtual appliance.Upgrade StepsAll organizations using SMA 10.x or SMA 9.x firmware should immediately implement the following:Upgrade to the latest SMA 100 series firmware available from www.mysonicwall.com.SMA 100 series 10.x customers should upgrade to 10.2.0.7-34sv firmware.SMA 100 series 9.x customers should

04/20/2021

Through the course of standard collaboration and testing, SonicWall has verified, tested and published patches to mitigate three zero-day vulnerabilities to its hosted and on-premises email security products.In at least one known case, these vulnerabilities have been observed to be exploited ‘in the wild.’ It is imperative that organizations using SonicWall Email Security hardware appliances, virtual appliances or software installation on Microsoft Windows Server immediately upgrade to the respective SonicWall Email Security version listed belo

06/22/2021

SonicWall physical and virtual firewalls running certain versions of SonicOS may contain a vulnerability where the HTTP server response leaks partial memory. This can potentially lead to an internal sensitive data disclosure vulnerability.At this time, there is no indication that the discovered vulnerability is being exploited in the wild.RESOLUTIONSonicWall strongly advises customers apply the respective SonicOS patch immediately. After reviewing this security advisory, please go to MySonicWall and download the appropriate SonicOS patch releas

06/15/2021

SonicWall is aware of a new vulnerability, reported by CrowdStrike, impacting end-of-life Secure Remote Access (SRA) products, specifically the SRA 4600 running an old version of firmware (9.0.0.9-26sv or earlier). In February 2021, SonicWall released SMA firmware 10.2.0.7 and 9.0.0.10 to fix a zero-day vulnerability, along with additional comprehensive code-strengthening. This strengthening proactively prevented this newly reported vulnerability in 9.0.0.10. Organizations that already upgraded to the 9.0.0.10 firmware are already protected ag

06/15/2021

UPDATE: June 15, 2021 | 10 a.m. PDTAdditional analysis confirms that one of the requirements for the vulnerability to be triggered is that the potential attack must come from the same origin IP as the active management session. That requires the admin to either have their machine compromised, or the attacker and the admin reside on the same remote network. Both of these scenarios are exceptionally unlikely. While we have yet to see this vulnerability exploited in the wild, SonicWall still recommends the upgrade for all impacted users.June 14, 2

03/08/2021

SonicWall will be updating IP addresses for the Hosted Email Security (HES) platform in North America. NOTE:  HES for Europe does not need to update IPs.Network administrators will need to update access rules to allow for the following HES subnets:173.240.210.0/24173.240.213.0/24173.240.214.0/24204.212.170.0/24The subnets can also be found in the HES FAQ KB article and firewall settings.HES FAQ KB article: https://www.sonicwall.com/support/knowledge-base/sonicwall-hosted-email-security-faq/170504903060180/Firewall rules for HES: https

08/10/2021

Some versions of SonicWall Analytics On-Prem contain a critical (CVSSv3 9.8) Java Debug Wire Protocol (JWDP) service vulnerability that potentially can be leveraged by a remote, unprivileged user to execute arbitrary code within the system.SonicWall PSIRT is not aware of active exploitation in the wild.ImpactThe vulnerability allows for unauthenticated remote exploitation. Deployment of SonicWall Analytics 2.5 and earlier are ‘on-prem’ and should be in a secure network segmentation not exposed to the internet. Temporary MitigationsUntil the bel

07/08/2021

Multiple Out-of-Bound read vulnerability in SonicWall Switch when handling LLDP Protocol allows an attacker to cause a crash or potentially read sensitive information from the memory locations.OverviewSonicWall Switches running certain versions of impacted firmware may contain a vulnerability that could be leveraged for an OOB (Out-Of-Bounds) read by sending a specially crafted LLDP packet.ImpactOut-of-bounds Read allow attackers to cause a SonicWall switch crash or potentially read sensitive information from other memory locations. A crash can

09/24/2021

A critical vulnerability (CVSS 9.1) in SMA 100 series appliances, which includes SMA 200, 210, 400, 410 and 500v, could potentially allow a remote unauthenticated attacker the ability to delete arbitrary files from a SMA 100 series appliance and potentially gain administrator access to the device.The vulnerability (SNWLID-2021-0021) is due to an improper limitation of a file path to a restricted directory potentially leading to arbitrary file deletion as ‘nobody.’There is no evidence that this vulnerability is being exploited in the wild.SonicW

10/20/2021

This Sunday (8/8) during scheduled down time starting at 7 a.m. UTC, our case management platform will be unavailable for approximately 3 .During this maintenance window, end users will not be able to create or update support cases in MySonicWall. Our contact centers will remain open and our support teams will continue to answer calls although they will have limited access to case details.Maintenance Start: 07:00 UTC 2021-08-08Maintenance End:  10:00 UTC 2021-08-08 NOTE: If you have any questions or concerns, please reach out to us on the

03/26/2020

05/17/2019 05:00PM UTC - 05/19/2019 05:00PM UTC Please be aware that CSC-Management, Reporting and Analytics services for the Europe region will be upgraded to v1.5 from May 17th, 10 am to May 19th, 10am (PST). During this time, the services will experience downtime. Your firewall will remain active and you can log-in to the firewall web GUI to access it. Please contact SonicWall support for any assistance. We apologize for the inconvenience and thank you for your patience. Note: During downtime, you can continue to ma

03/26/2020

Update as of 7/4/19 2:30 pm EST: The signature (SID 6855) has been removed from the Ultrasurf application. If you continue to experience issues with blocked apps/websites please update the App Control database by logging into the firewall and navigating to MANAGE | Rules | App Control and click Update. Status: Investigating July 4, 2019, 2 a.m. EST Issue: Skype, MS Teams, Slack and other applications may be blocked by App Control Signature ID 6855 - PROXY-ACCESS Ultrasurf. Cause: A new signature was released to block Ultrasurf but this

03/26/2020

What we know about the Critical Remote Code Execution Vulnerability (CVE-2019-1579) Researchers have found several security flaws in popular corporate VPNs, which they say can be used to silently break into company networks and steal business secrets. According to https://techcrunch.com/2019/07/23/corporate-vpn-flaws-risk/ “Devcore researchers Orange Tsai and Meh Chang said the flaws found in the three corporate VPN providers — Palo Alto Networks, Pulse Secure and Fortinet — are ‘easy’ to remotely exploit.” Once the SSL VPN server is compromis

03/26/2020

On Thursday, April 11, researchers from the Carnegie Mellon University Software Engineering Institute published a global vulnerability regarding virtual private network (VPN) applications storing authentication and/or session cookies insecurely in memory and/or log files.At this time, SonicWall is not aware of any situation where a currently valid session token is written to log files outside of very specific debug configurations, which are being eliminated as a precaution to prevent any potential misuse. As such, SonicWall customers using IPSE

03/26/2020

06/01/2019 04:00AM UTC - 06/03/2019 11:00AM UTC This is to notify that CSC-Management, Reporting and Analytics services for the North America region will be upgraded to v1.5 from May 31st, 9 pm to June 3rd, 4 am (PST). During this time, the services will experience downtime. Your firewall will remain active and you can log-in to the firewall web GUI to access it. We apologize for the inconvenience and thank you for your patience. Note: During downtime, you can continue to manage firewalls by logging to them directly. Please ensure that you have

03/26/2020

SonicWall physical firewall appliances running certain versions of SonicOS contain vulnerabilities in code utilized for remote management. At this time, there is no indication that the discovered vulnerabilities are being exploited in the wild, however: SonicWall STRONGLY advises to apply the SonicOS patch immediately. IF you cannot update immediately, as a mitigation please restrict SonicWall management access (HTTPS/HTTP/SSH) to trusted sources and/or disable management access from untrusted Internet sources, then apply the SonicOS patch as s

09/17/2020

As of 2/13/2020 Chrome has updated to version 80.0.3987.106 which no longer causes issues with firewall management.In February 2020 Chrome released software version 80. In this version there were changes made to how cookies and JavaScript are handled. Due to this update, SonicWall firewalls using the self-signed certificate, are not able to be managed. Firewalls that use a trusted certificate (for example a GoDaddy CA root) are not affected by this Chrome update.Our engineering teams are working on this issue to provide a resolution to customer

09/17/2020

There exists a potential domain name collision vulnerability in SonicWall SSL-VPN technology that could result from a security misconfiguration of the impacted products.SonicWall is not aware that the reported vulnerability has been exploited or that any customer has been negatively impacted by the vulnerability.A domain name collision occurs when an attempt to resolve a name used in a private namespace (e.g., under a non-delegated top-level domain, or a short, unqualified name) results in a query to the public Domain Name System (DNS). When th

09/17/2020

SonicWall SwitchesSonicWall Switches offer multi-gigabit wired performance that lets you rapidly scale your branch networks through remote installation. Available in seven models — ranging from eight to 48 ports, with gigabit and 10 gigabit ethernet ports — SonicWall Switches deliver network switching that accommodates the growing number of mobile and IoT devices in branch locations and provides the network performance needed to support cloud-delivered applications. SonicWall Switches also fit seamlessly into your existing SonicWall ecosystem,

09/17/2020

A vulnerability in SonicWall’s cloud-based product registration system that was publicly reported by a media outlet was quickly researched, verified and promptly patched on August 26, 2020. Approximately two weeks earlier, SonicWall identified the reported vulnerability (SNWLID-2020-0005) as part of its PSIRT program, and rapidly created a fix that underwent full testing and certification.At no time did SonicWall detect, or become aware of, any attempted exploitation of the vulnerability in the cloud-based product registration system. The fix w

05/06/2020

SonicWall recently launched a new online community to connect cybersecurity professionals. This is the go-to place for SonicWall users, partners, employees, and experts to ask questions, find answers and connect with one another from around the world. The community can be viewed by anyone and is free to join!What does SonicWall Community offers?Learn about best practices and use SonicWall to lower total cost of ownership and maximize the value derived from SonicWall products.Connect with product management and support to ask questions, get help

10/28/2020

The SonicWall Product Security Incident Response Team (PSIRT) collaborated with a third-party research firm to test, confirm and correct discovered vulnerabilities related to physical and virtual SonicWall next-generation firewall appliances. These findings included:In some cases, vulnerabilities allowed remote attackers to cause Denial of Service (DoS) attacks against a firewall, which may lead to an appliance crash.In some cases, there existed a cross-site scripting (XSS) vulnerability in the firewall's SSL-VPN portal as well as possible user

10/28/2020

Knowledge BaseHow Do I Configure The SSL-VPN Feature For Use With NetExtender Or Mobile Connect?How Can I Enable Port Forwarding And Allow Access To A Server Through The SonicWall?How Can I Configure WAN GroupVPN For Connecting With Global VPN Client?How Can I Setup SSL-VPN?L2TP VPN Configuration On Mac OS XPornographic Websites Not Blocked Due To "Not Rated" CategorizationHow Do I Recover Or Reset The Administrator Password For A SonicWall Firewall Appliance?How To Configure High Availability (HA)SSL VPN Client Is Connected And Authenticated B

04/16/2020

SonicWall is continuing to monitor COVID-19 (coronavirus) and the ever-evolving global impact it is having on our international community. The world is testing its ability to go remote or work from home during this outbreak. Many companies find themselves with the need to rapidly scale their remote work capabilities. Existing SonicWall firewall administrators can learn more about configuring and troubleshooting remote workforce access by visiting Popular firewall SSLVPN and GVC articles for the remote workforce. Existing SonicWall SMA admini

12/20/2019

SonicWall firewalls and other appliances are not impacted by VPNFilter. SonicWall researchers are continuing to monitor developments surrounding VPNFilter and have so far confirmed that no SonicWall appliances are impacted by the malware. SonicWall customers are being advised that there is no need to reboot or take any action on any SonicWall appliance. On May 23 2018, researchers at Cisco Talos published a report documenting a new sophisticated modular malware system known as VPNFilter. More than 500,000 devices around the world are said to b
TZ Series

03/26/2020

Researchers have found multiple defects including a Man-in-the-Middle (MITM) vulnerability in versions 1.0.1 and 1.0.2-beta of OpenSSL, the cryptographic software library. For detailed information on the Man-in-the-Middle and other vulnerabilities see the OpenSSL website. SonicWall Firewalls and GMS Are Not Affected SonicWall firewalls (TZ, NSA, E-Class NSA, SuperMassive) and Global Management System (GMS) are NOT affected by the vulnerabilities. Additionally, firewalls with an active Intrusion Prevention Service have, as of June 5, 2014, signa

12/20/2019

SonicWALL Active Retirement Mode Announcement for SonicWALL SRA 1600,SRA 4600, SRA EX6000 & SRA EX7000Active Retirement Mode Announcement SonicWALL is initiating the Active Retirement Mode (ARM) notification for the SonicWALL SRA 1600, SRA 4600, SRA EX 6000 and SRA EX 7000.  Active Retirement Mode is the second phase of the  SonicWALL End of Life process outlined at the end of this document.  During this phase  SonicWALL will no longer actively manufacture or sell the products listed below.  In addition, &

12/20/2019

GMS and Analyzer SystemsCritical Product NotificationDear Customer,An urgent, mandatory hotfix is required to be applied immediately to GMS and Analyzer systems to resolve a high-severity vulnerability. A set of login authentication vulnerabilities has been discovered in SonicWALL GMS and Analyzer systems. These vulnerabilities are design flaws and none of them are a “backdoor” as erroneously reported in the press.Please immediately install a mandatory Hotfix for the products listed below.  This Hotfix will remove the

12/20/2019

Dell SonicWALL Notice Concerning Potential Back Doors into Dell SonicWALL FirewallsDear Customer,       Over the past few weeks there has been a good deal of press coverage surrounding Juniper Networks related to an internal audit during which unauthorized code was discovered in ScreenOS that could be exploited by a knowledgeable attacker.  Juniper has since addressed the issue and has made patches available for the vulnerable versions of its ScreenOS.  This has to lead to speculation that products f

12/20/2019

Active Retirement Mode AnnouncementDell SonicWALL is initiating the Active Retirement Mode (ARM) notification for the Dell SonicWALL TZ 215 Wired model.  Active Retirement Mode is the second phase of the Dell SonicWALL End of Life process outlined at the end of this document.  During this phase Dell SonicWALL will no longer actively manufacture or sell the products listed below.  In addition, Dell SonicWALL may release a limited number of new features and will issue bug fixes only to the latest version of firmware available for

12/20/2019

High Severity Bug Alert - GMS 8.2 - DO NOT MODIFY ADDRESS OBJECTSSonicWall Support would like to inform you of a problem with a specific feature in GMS 8.2:  Modifying the Name of an Address Object.  There is a workaround available and a hotfix will be available the week of December 12, 2016. TRIGGER AND SYMPTOMModifying the name of a firewall(s) Address Object through the GMS 8.2 Policy Panel will trigger the firewall to go offline and lose LAN/WAN access.  A hard restart in Safe Mode is required to recover the firewall.&nb

12/20/2019

SonicWALL Active Retirement Mode Announcement for Dell SonicWALL TZ 105 Wireless Japan Model Active Retirement Mode Announcement Dell SonicWALL is initiating the Active Retirement Mode (ARM) for the Dell SonicWALL TZ 105 Wireless Japan model. Active Retirement Mode is the second phase of the Dell SonicWALL End of Life process outlined at the end of this document. During this phase Dell SonicWALL will no longer actively manufacture or sell the products listed below. In addition, Dell SonicWALL may release a limited number of new features and wi

12/20/2019

We know that you need and expect continuous strengthening of your network perimeter. Now you can get more features and power with our latest generation of network security solutions. We’re pleased to announce availability of SonicOS 6.2.5 for SuperMassive, NSA and TZ products. This new operating system delivers both security enhancements and advanced networking features to meet your needs. Here are some of the highlights:Dell X-Series Integrations – Every business has a switch. If you're using TZ300/400/500/600 with the new 6.2.

12/20/2019

SonicWALL Notice Concerning Privilege Escalation Vulnerability in the Windows NetExtender client (CVE-2015-4173)Dear Customer,       A vulnerability CVE­-2015- 4173, affects a Registry key used by SonicWALL NetExtender client for Windows exposes the system to a  binary planting attack that can be triggered upon login. A malicious binary placed in a specific system folder by a low-privileged user could result in code execution upon an Administrator login.SonicWALL SMB SRA NetExtender versionNetExtender

12/20/2019

Dell SonicWALL - Active Retirement Mode Announcement for Dell SonicWALL TZ 105 Wired ModelActive Retirement Mode AnnouncementDell SonicWALL is initiating the Active Retirement Mode (ARM) notification for the Dell SonicWALL TZ 105 Wired model only.  Active Retirement Mode is the second phase of the Dell SonicWALL End of Life process outlined at the end of this document.  During this phase Dell SonicWALL will no longer actively manufacture or sell the products listed below.  In addition, Dell SonicWALL may release a limited number

12/20/2019

SonicWALL Active Retirement Mode Announcement for Dell SonicWALL TZ 215 Wireless Japan ModelActive Retirement Mode AnnouncementDell SonicWALL is initiating the Active Retirement Mode (ARM) for the Dell SonicWALL TZ 215 Wireless Japan model. Active Retirement Mode is the second phase of the Dell SonicWALL End of Life process outlined at the end of this document. During this phase Dell SonicWALL will no longer actively manufacture or sell the products listed below. In addition, Dell SonicWALL may release a limited number of new features and will

12/20/2019

SonicWALL Service Bulletin GMS Analyzer Vulnerability Fix - July 2016Vulnerabilities in the Dell SonicWALL GMS and Analyzer have been resolved.Affected ProductsDell SonicWALL GMS and AnalyzerAffected Software VersionsVersions 8.0 and 8.1.Issue SummaryVulnerabilities were found pertaining to command injection, unauthorized XXE, default account, and unauthorized modification of virtual appliance networking information. To fix these vulnerabilities, Dell highly recommends that existing users of Dell SonicWALL GMS and Analyzer Hotfix 174525.GM

12/20/2019

End of Support AnnouncementDell SonicWALL is initiating the End of Support for GMS 7.0 and 7.1                                 All official End of Life notifications and phase information are posted on the Product Lifecycle page of our Support web site.Products Affected                    

12/20/2019

Last Day Order AnnouncementDell SonicWALL is initiating the Last Day Order (LDO) notification for the Dell SonicWALL SonicPoint-Ne Dual-Band.  Last Day Order is the first phase of the Dell SonicWALL End of Life process outlined at the end of this document.  During this phase, authorized Dell SonicWALL partners and distributors may purchase SonicPoint-Ne Dual-Band SKUs from Dell SonicWALL.  After the LDO phase has ended, Dell SonicWALL will no longer accept orders for the SKUs listed below and the SonicPoint-Ne Dual-Band will tran

12/20/2019

Limited Retirement Mode AnnouncementDell SonicWALL is initiating the Limited Retirement Mode (LRM) notification for the Dell SonicWALL ES 300.  Limited Retirement Mode is the fourth phase of the Dell SonicWALL End of Life process outlined at the end of this document.  During this phase Dell SonicWALL will no longer develop or release firmware updates or new features for these products.  In addition, Dell SonicWALL will no longer offer support contracts.  After the LRM phase has ended, Dell SonicWALL will transition the ES 30

12/20/2019

Vulnerabilities in the SonicWALL GMS and Analyzer have been resolved.Affected ProductsSonicWALL GMS and AnalyzerAffected Software VersionsVersions 8.0 and 8.1Issue SummaryVulnerabilities were found pertaining to input validation/filter bypass, SQL Injection, XSS, and Adobe Flex bypass.To fix these vulnerabilities, SonicWall recommends that existing users of SonicWALL GMS and Analyzer upgrade to GMS/Analyzer 8.2.GMS/Analyzer 8.2 is available for download from https://www.mysonicwall.com. Users should log into MySonicWALL and click on Downloads &

12/20/2019

SonicWALL Active Retirement Mode Announcement for SonicWALL TZ 215 Wireless ModelActive Retirement Mode AnnouncementSonicWALL is initiating the Active Retirement Mode (ARM) notification for the SonicWALL TZ 215 Wireless model. Active Retirement Mode is the second phase of the SonicWALL End of Life process outlined at the end of this document. During this phase SonicWALL will no longer actively manufacture or sell the products listed below. In addition, SonicWALL may release a limited number of new features and will issue bug fixes only to the l

12/20/2019

GMS/Analyzer/UMA Command Injection and Arbitrary XML Input Vulnerabilities - January 2016Vulnerabilities in the Dell SonicWALL GMS, Analyzer, and UMA have been resolved.Affected ProductsDell SonicWALL GMS, Analyzer, and UMA EM5000Affected Software VersionsVersions 7.2, 8.0, and 8.1.Issue SummaryFields in the webapp were found to be vulnerable to command injection and a port was found to be vulnerable to arbitrary XML input. To fix these vulnerabilities, Dell recommends existing users of Dell SonicWALL GMS, Analyzer, and UMA update their so

12/20/2019

Watch our technical deep-dive webinar and demo to learn best practices to a successful SonicWall Deep Packet Inspection of SSL (DPI-SSL) service implementation. Watch NowManaging certificate deployment and certificate pinning are among the top challenges when implementing deep inspection of SSL and TLS certificates on a next-generation firewall. Join us for a technical deep-dive webcast and demo to learn best practices to a successful SonicWall Deep Packet Inspection of SSL (DPI-SSL) service implementation. This in-depth session: • Helps size t

12/20/2019

SonicWALL Active Retirement Mode Announcement for Dell SonicWALL TZ 205 Wireless Japan ModelActive Retirement Mode AnnouncementDell SonicWALL is initiating the Active Retirement Mode (ARM) for the Dell SonicWALL TZ 205 Wireless Japan model. Active Retirement Mode is the second phase of the Dell SonicWALL End of Life process outlined at the end of this document. During this phase Dell SonicWALL will no longer actively manufacture or sell the products listed below. In addition, Dell SonicWALL may release a limited number of new features and will

12/20/2019

We are pleased to announce a new OS release for the entire Secure Mobile Access (SMA) 1000 Series. The new SMA 11.4 OS was released on 04-13-2016 and is available, at no cost, for SMA 1000 appliance customers with an active support contract. Applicable models include; SRA EX6000, SMA 6200, SMA 8200V (Virtual), SRA EX7000, SMA 7200 & SRA EX9000.All SMA models ensure secure access across all key operating systems and mobile devices, including Windows, iOS, Mac OSX, Android, Kindle Fire, Linux and Chrome OS. These solutions increase mobile and

12/20/2019

Dell SonicWALL Active Retirement Mode Announcement for Dell SonicWALL NSA 8500Dell SonicWALL is initiating the Active Retirement Mode (ARM) notification for the Dell SonicWALL NSA E8500.  Active Retirement Mode is the second phase of the Dell SonicWALL End of Life process outlined at the end of this document.  During this phase Dell SonicWALL will no longer actively manufacture or sell the products listed below.  In addition, Dell SonicWALL may release a limited number of new features and will issue bug fixes only to the latest v

12/20/2019

SonicWall Last Day Order Announcement for SonicWall Universal Management Appliance UMA EM5000 Last Day Order Announcement SonicWall is initiating the Last Day Order (LDO) notification for the SonicWall Universal Management Appliance UMA EM5000.  Last Day Order is the first phase of the SonicWall End of Life process outlined at the end of this document.  During this phase, authorized SonicWall partners and distributors may purchase UMA EM5000 hardware SKUs from SonicWall.  After the LDO phase has ended, SonicWall will no longer
WAF Series

03/27/2020

SonicWall Web Application Firewall (WAF) reaches End-of-Sale February 1, 2020 SonicWall is initiating a worldwide End-of-Sale for the Web Application Firewall (WAF) product beginning on February 1, 2020. SonicWall will no longer actively develop or sell the product. Please see the Product Lifecycle Table for a full list of key dates regarding this product. Why is SonicWall initiating End-of-Sale for the Web Application Firewall (WAF)? We are working to create an integrated system that delivers faster protection, detection and correction. We a
Trace:667eabf4cfc16a1e24021b38248f7df6-84