Introduction

SonicWall recently disclosed that its firewall appliances contain vulnerabilities within the code utilized for remote management.

Technical Information

To exploit the vulnerability an attacker would need access to the remote management interface of the firewall.  Tier1Net’s standard supported configuration mitigates against this vulnerability by blocking all public access to a firewall’s management interface.  Furthermore, SonicWall has stated that it has not received any reports of this vulnerability being actively exploited.

Steps Taken by Tier1Net

Tier1Net has identified all impacted firewalls within its customer and cloud networks and will be deploying patches once internal testing is complete.

Further Information

To view SonicWall’s vulnerability notification please visit: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009