SonicWall Discloses Critical Firewall Vulnerability

 |   |  Security

On July 19th, 2019, SonicWall disclosed a newly discovered critical vulnerability in a number of their physical firewall appliances. ADNET strongly advises that companies take steps to apply an update patch as soon as possible. ADNET’s Security Team has been monitoring this situation through various security threat sources to ensure that we are acting upon the most current information.

What does this vulnerability do?

The vulnerability affects only the management interface of devices which are used to log in to and interact with its settings and configuration. To exploit this weakness, an attacker would need access to the management interface. The security technology and functionality of the devices with this vulnerability, including prevention and detection capabilities, are not directly affected or impacted.

Am I at risk?

If your SonicWall firewall is configured to allow access to the management interface from the internet, your exposure and risk is high. If access to the management interface is configured to allow access only from trusted networks and sources, the severity and potential risk is significantly reduced. ADNET strongly advises applying the security patch immediately to eliminate the risk as soon as possible.

Next Steps

ADNET has proactively identified impacted firewalls within our clients’ networks and is prepared to deploy the SonicWall security patches.

  • If you are subscribed to ADNET’s TotalCare or Foundations Firewall managed services, ADNET will reach out to you to coordinate the installation of these updates.
  • If you are not subscribed to TotalCare or Foundations Firewall, we’re happy to assist you with patching this vulnerability at your request. Please open a ticket with our support team or reach out to your Engagement Manager to schedule service.

As always, we’re here to help if you have any questions or concerns.

Kristopher Peterson

Kristopher Peterson

Kristopher Peterson joined ADNET Technologies in 2019 as an IT Security Analyst. Kristopher has worked extensively in the cybersecurity space since 2012, and prior to that had focused on the Engineering side of technology. With his extensive background and experience in both supporting and securing networks, Kristopher is passionate about helping clients strengthen their security strategy.

Read full bio >