SonicWall recently disclosed that its firewall appliances contain vulnerabilities within the code utilized for remote management.
To exploit the vulnerability an attacker would need access to the remote management interface of the firewall. Tier1Net’s standard supported configuration mitigates against this vulnerability by blocking all public access to a firewall’s management interface. Furthermore, SonicWall has stated that it has not received any reports of this vulnerability being actively exploited.
Steps Taken by Tier1Net
Tier1Net has identified all impacted firewalls within its customer and cloud networks and will be deploying patches once internal testing is complete.
To view SonicWall’s vulnerability notification please visit: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009