SonicWall Releases Urgent Security Notice of Potential Ransomware Attacks

SonicWall PSIRT has released an urgent security notice detailing an ongoing ransomware campaign targeting their SMA and SRA products running older and vulnerable firmware versions. Organisations running these versions are exposing themselves to the risk of attacks.

Threat ID:: CC-3906
Category:: Ransomware, Exploit
Threat Severity:: Medium
Threat Vector:: Vulnerability
Published:: 15 July 2021 12:46 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Affected platforms

The following platforms are known to be affected:

SonicWall Secure Mobile Access (SMA) 100 series Versions: all versions running 8.x firmware

SonicWall Secure Remote Access (SRA) Versions: all versions running 8.x firmware

Threat details

Imminent ransomware attacks

Attackers are actively targeting a known vulnerability in Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running 8.x firmware. This firmware is end-of-life (EOL) and the vulnerability has been patched in newer versions of the firmware (9.x and later).

SonicWall advise that organisations failing to take appropriate actions to mitigate these vulnerabilities on their SRA and SMA 100 series products are at imminent risk of a targeted ransomware attack.

Remediation advice

Affected organisations should review the SonicWall Urgent Security Notice and ensure all affected products are updated to a non-vulnerable firmware version.

Definitive source of threat updates

https://www.sonicwall.com/support/product-notification/urgent-security-notice-critical-risk-to-unpatched-end-of-life-sra-sma-8-x-remote-access-devices/210713105333210/

Last edited: 15 July 2021 3:30 pm