• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
sonicwall releases patches for new flaws affecting sslvpn sma1000 devices

SonicWall Releases Patches for New Flaws Affecting SSLVPN SMA1000 Devices

You are here: Home / General Cyber Security News / SonicWall Releases Patches for New Flaws Affecting SSLVPN SMA1000 Devices
May 14, 2022

SonicWall has released an advisory warning of a trio of security flaws in its Protected Cellular Entry (SMA) 1000 appliances, which include a substantial-severity authentication bypass vulnerability.

The weaknesses in question affect SMA 6200, 6210, 7200, 7210, 8000v operating firmware variations 12.4. and 12.4.1. The list of vulnerabilities is below –

  • CVE-2022-22282 (CVSS score: 8.2) – Unauthenticated Obtain Manage Bypass
  • CVE-2022-1702 (CVSS rating: 6.1) – URL redirection to an untrusted web site (open redirection)
  • CVE-2022-1701 (CVSS score: 5.7) – Use of a shared and difficult-coded cryptographic important

Effective exploitation of the aforementioned bugs could make it possible for an attacker to unauthorized entry to interior sources and even redirect prospective victims to malicious sites.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


CyberSecurity

Tom Wyatt of the Mimecast Offensive Security Staff has been credited with getting and reporting the vulnerabilities.

SonicWall pointed out that the flaws do not affect SMA 1000 sequence working variations before than 12.4., SMA 100 collection, Central Management Servers (CMS), and distant access customers.

SonicWall

Even though there is no proof that these vulnerabilities are being exploited in the wild, it really is proposed that end users implement the fixes in the light-weight of the simple fact that SonicWall appliances have offered an interesting bullseye in the previous for ransomware attacks.

“There are no non permanent mitigations,” the network security corporation said. “SonicWall urges impacted consumers to put into action relevant patches as quickly as probable.”

Uncovered this report attention-grabbing? Abide by THN on Fb, Twitter  and LinkedIn to read through much more exclusive material we publish.


Some components of this posting are sourced from:
thehackernews.com

Previous Post: «it pro news in review: businesses cancel cyber policies, ee IT Pro News In Review: Businesses cancel cyber policies, EE milestone, Costa Rica Conti attack
Next Post: Get Lifetime Access to 2022 Cybersecurity Certification Prep Courses @ 95% Off get lifetime access to 2022 cybersecurity certification prep courses @»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Enzo Biochem Hit by Ransomware, 2.5 Million Patients’ Data Compromised
  • US and Korean Agencies Issue Warning on North Korean Cyber-Attacks
  • Malicious PyPI Packages Use Compiled Python Code to Bypass Detection
  • New Botnet Malware ‘Horabot’ Targets Spanish-Speaking Users in Latin America
  • The Importance of Managing Your Data Security Posture
  • Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering
  • Insurers Predict $33bn Bill for Catastrophic “Cyber Event”
  • Chinese Phishing Gang “PostalFurious” Expands Campaign
  • Kaspersky Says it is Being Targeted By Zero-Click Exploits
  • North Korea’s Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks

Copyright © TheCyberSecurity.News, All Rights Reserved.