SonicWall, a firewall and other cybersecurity equipment maker has a critical bug in its SonicOS. This leaves about 800,000 SonicWall devices running on this bugged OS vulnerable to remote code execution (RCE) attacks, say researchers. They have reported this to the maker who released an update to patch.
SonicWall Devices Have an RCE Bug
SonicWall is a cybersecurity firm making networking products like VPNs and routers. On Wednesday, security researchers from Tripwire VERT have published a report about their discovery of a bug in SonicOS. The bug is tracked as CVE-2020-5135 impacting all devices running on SonicOS, like the SonicWall Network Security Appliance (NSA) devices.
These devices include a range of appliances like the VPN portals, SSL filters, firewalls etc, that would allow employees to access the company’s network resources securely. The Tripwire researchers claimed a critical bug in SonicOS, which is related to a component and its improper handling of custom protocols.
Also, the concerned component is exposed to the WAN interface, means to the public internet. This makes the bug severe since anyone with the knowledge of the target device’s IP address can exploit it, say researchers. Further, they note the least exploit one can do with this bug is a DDoS attack, which crashes all the devices on that network.
But in higher cases, it could lead an attacker to execute code remotely (RCE) to exploit it further. Tripwire researchers have reported their discoveries to the SonicWall team, to which they responded with an update for patching on Monday this week.
Later, researchers have documented this bug in their blog and said about 795,357 devices were identified to be running on the bugged SonicOS. Since these are online (connected to the internet), the risk exposure is even greater. This awarded the bug severity score of 9.4/10. To identify the vulnerable SonicWall VPNs, Microsoft and Tenable have shared Shodan dorks this week.