CRITICAL VULNERABILITY IN SONICWALL SMA 100 APPLIANCES

Published: 10/12/2021

Reference:
Advisory #2021-020

Version:
1.0

Affected software:
SonicWall - SMA 100 Series (SMA 200, 210, 400, 410, 500v)

Type:
Buffer Overflow, Remote Code Execution

CVE/CVSS:
CVE-2021-20038

Sources

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026

Risks

A critical-severity vulnerability (CVSS 9.8) in SMA 100 series appliances (SMA 200, 210, 400, 410 and 500v) could allow a remote unauthenticated attacker to cause a stack-based buffer overflow, resulting in code execution as the `nobody` user on the SMA 100 appliance.

Description

The vulnerability exists because, when handling the GET method, the mod_cgi module of the SonicWall SMA SSLVPN Apache httpd server builds its environment variables in a single stack-based buffer using `strcat`. This allows a remote attacker to cause a stack-based buffer overflow, resulting in code execution.
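
The pattern described above, next to a length-checked alternative, as an added example that is not SonicWall's code or part of the original advisory. The function names, the 64-byte buffer size and the sample variable names are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define ENV_BUF_SIZE 64 /* constructed size for this example */

/* Unsafe pattern named in the advisory: strcat() never checks the room
 * left in dst, so long request-derived values run past a fixed stack
 * buffer. Shown for contrast only; never called here. */
void add_env_unsafe(char *dst, const char *name, const char *value)
{
    strcat(dst, name);
    strcat(dst, "=");
    strcat(dst, value);
}

/* Hardened form: append "NAME=value" to the shared buffer only if the
 * whole entry and its terminator fit; otherwise leave dst untouched.
 * Entries are simply concatenated to keep the example short.
 * Returns 0 on success, -1 if the entry is rejected. */
int add_env_checked(char *dst, size_t dst_size,
                    const char *name, const char *value)
{
    const char *end = memchr(dst, '\0', dst_size);
    size_t nlen = strlen(name), vlen = strlen(value), used, room;

    if (end == NULL)                  /* dst is not terminated: refuse */
        return -1;
    used = (size_t)(end - dst);
    room = dst_size - used;           /* bytes left, terminator included */
    /* Need nlen + 1 + vlen + 1 <= room, tested without size_t wraparound. */
    if (nlen >= room || room - nlen < 2 || vlen > room - nlen - 2)
        return -1;
    memcpy(dst + used, name, nlen);
    dst[used + nlen] = '=';
    memcpy(dst + used + nlen + 1, value, vlen + 1);
    return 0;
}

int main(void)
{
    char env[ENV_BUF_SIZE] = "";
    char long_value[4 * ENV_BUF_SIZE];  /* constructed oversized input */
    memset(long_value, 'A', sizeof long_value - 1);
    long_value[sizeof long_value - 1] = '\0';
    printf("short: %d\n", add_env_checked(env, sizeof env, "QUERY_STRING", "a=1"));
    printf("long:  %d\n", add_env_checked(env, sizeof env, "REQUEST_URI", long_value));
    printf("env:   %s\n", env);
    return 0;
}
```

Rejecting the oversized entry, rather than truncating it, keeps the buffer contents unambiguous and gives the caller a clear signal to fail the request.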

Recommended Actions

The CCB recommends that all system administrators upgrade vulnerable devices to the latest versions released by the vendor. The patch addressing this vulnerability also fixes other vulnerabilities, notably CVE-2021-20039, CVE-2021-20040, CVE-2021-20041, CVE-2021-20042, CVE-2021-20043, CVE-2021-20044 and CVE-2021-20045.

 

References

https://www.bleepingcomputer.com/news/security/sonicwall-strongly-urges-...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-20038