On July 19th, 2019, SonicWall disclosed a newly discovered critical vulnerability in a number of their physical firewall appliances. ADNET strongly advises that companies take steps to apply an update patch as soon as possible. ADNET’s Security Team has been monitoring this situation through various security threat sources to ensure that we are acting upon the most current information.
What does this vulnerability do?
The vulnerability affects only the management interface of devices which are used to log in to and interact with its settings and configuration. To exploit this weakness, an attacker would need access to the management interface. The security technology and functionality of the devices with this vulnerability, including prevention and detection capabilities, are not directly affected or impacted.
Am I at risk?
If your SonicWall firewall is configured to allow access to the management interface from the internet, your exposure and risk is high. If access to the management interface is configured to allow access only from trusted networks and sources, the severity and potential risk is significantly reduced. ADNET strongly advises applying the security patch immediately to eliminate the risk as soon as possible.
Next Steps
ADNET has proactively identified impacted firewalls within our clients’ networks and is prepared to deploy the SonicWall security patches.
- If you are subscribed to ADNET’s TotalCare or Foundations Firewall managed services, ADNET will reach out to you to coordinate the installation of these updates.
- If you are not subscribed to TotalCare or Foundations Firewall, we’re happy to assist you with patching this vulnerability at your request. Please open a ticket with our support team or reach out to your Engagement Manager to schedule service.
As always, we’re here to help if you have any questions or concerns.