Remote code execution vulnerability present in SonicWall SMA 100 series appliances

Australian Cyber Security Centre

Background /What has happened?

A vulnerability (CVE-2021-20038) has been identified in SonicWall SMA 100 series appliances. Exploitation of this vulnerability could allow an unauthenticated cyber actor to perform remote code execution. A cyber actor would then be able to install malware or otherwise control the affected device.

SonicWall SMA 100 series appliances provide end-to-end secure remote access to corporate resources hosted across on-premise, cloud and hybrid data centres.

/Public Release. This material from the originating organization/author(s) may be of a point-in-time nature, edited for clarity, style and length. The views and opinions expressed are those of the author(s).View in full here.