Hundreds of thousands of VPNs all over the world need patching after the discovery of a critical security bug. The flaw, tracked as CVE-2020-5135, is a stack-based buffer overflow in the SonicWall Network Security Appliance (NSA). It exists in the HTTP/HTTPS service that is used for SSL VPN remote access.
VPN bugs are considered extremely dangerous because a VPN is an internet-exposed entry point into a sensitive network. After breaching a VPN, attackers can spend time mapping out the target network before making any ransomware demands. With this particular vulnerability, an attacker does not even need a valid username and password to exploit the VPN portal.
Below are the SonicWall VPN devices impacted by CVE-2020-5135:
- SonicOS 6.5.4.7-79n and earlier
- SonicOS 6.5.1.11-4n and earlier
- SonicOS 6.0.5.3-93o and earlier
- SonicOSv 6.5.4.4-44v-21-794 and earlier
- SonicOS 7.0.0.0-1
To resolve the issue, SonicWall issued updates and suggests temporarily disconnecting SSL VPN portals before applying the patch.
Below are the versions available to upgrade:
- SonicOS 6.5.4.7-83n
- SonicOS 6.5.1.12-1n
- SonicOS 6.0.5.3-94o
- SonicOS 6.5.4.v-21s-987
- Gen 7 7.0.0.0-2 and onwards
Due to the large number of people still working remotely, VPNs are being heavily relied on. Once they are exploited by flaws like this, it becomes very concerning because your security could be compromised. Questions? Call CATS Technology Solutions Group (732-204-7100) and a certified IT specialist will take care of you!