Introduction

SonicWall recently disclosed that its firewall appliances contain vulnerabilities within the code utilized for remote management.

Technical Information

To exploit the vulnerability an attacker would need access to the remote management interface of the firewall.  Tier1Net’s standard supported configuration mitigates against this vulnerability by blocking all public access to a firewall’s management interface.  Furthermore, SonicWall has stated that it has not received any reports of this vulnerability being actively exploited.

Steps Taken by Tier1Net

Tier1Net has identified all impacted firewalls within its customer and cloud networks and will be deploying patches once internal testing is complete.

Further Information

To view SonicWall’s vulnerability notification please visit: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009

Dell SonicWALL has identified multiple LDAP authentication protocol vulnerabilities exposed when SonicOS is configured to use Microsoft Active Directory / LDAP for authentication of AD/LDAP usernames who are members of SonicWALL Administrator groups.   Tier1Net’s infrastructure is not exposed to this vulnerability.  However, to mitigate against possible future exposure, Tier1Net will be performing firmware updates on all Dell SonicWALL firewalls within its network infrastructure.

If you have questions or concerns about this matter, please contact Tier1Net.