Reference:
Advisory #2021-020
Version:
1.0
Affected software:
SonicWall - SMA 100 Series (SMA 200, 210, 400, 410, 500v)
Type:
Buffer Overflow, Remote Code Execution
CVE/CVSS:
CVE-2021-20038
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026
A critical severity vulnerability (CVSS 9.8) in SMA 100 appliances (SMA 200, 210, 400, 410 and 500v) could allow a remote, unauthenticated attacker to trigger a stack-based buffer overflow, resulting in code execution as the `nobody` user on the SMA 100 appliance.
The vulnerability exists because the GET method handling of the mod_cgi module in the SonicWall SMA SSL-VPN Apache httpd server assembles its environment variables in a single stack-based buffer using `strcat`. A remote attacker can thereby cause a stack-based buffer overflow, which results in code execution.
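As an added illustration (not code from SonicWall or from this advisory), the snippet below models the pattern described above in simplified form: an environment string assembled into a fixed-size stack buffer with unchecked `strcat`, beside a bounded replacement that refuses a value that does not fit. The function names, the 64-byte buffer and the header values are constructed for the example.

```c
#include <stdio.h>
#include <string.h>

#define ENV_BUF 64 /* deliberately small stack buffer so the bound is easy to follow */

/* Vulnerable shape, as the advisory describes it: request data is appended to one
   fixed-size buffer with strcat and nothing checks the remaining space. Any value
   longer than the space left overwrites whatever follows the buffer on the stack. */
int cgi_env_append_unsafe(char *env, const char *name, const char *value)
{
    strcat(env, name);
    strcat(env, "=");
    strcat(env, value);
    strcat(env, "\n");
    return (int)strlen(env);
}

/* Hardened replacement: the append is checked against the space left in env
   (including the terminating NUL) and an over-long value is refused with -1
   instead of being written. The buffer is left untouched on failure. */
int cgi_env_append_safe(char *env, size_t envsz, const char *name, const char *value)
{
    size_t used = strlen(env);
    size_t need = strlen(name) + 1 + strlen(value) + 1; /* NAME=value\n */
    if (used >= envsz || need > envsz - used - 1)
        return -1;
    memcpy(env + used, name, strlen(name));
    used += strlen(name);
    env[used++] = '=';
    memcpy(env + used, value, strlen(value));
    used += strlen(value);
    env[used++] = '\n';
    env[used] = '\0';
    return (int)used;
}

/* Feeds a constructed over-long header value (4x the buffer) to the safe version
   and reports whether it was rejected with the buffer untouched. Returns 1 if so. */
int overlong_value_rejected(void)
{
    char env[ENV_BUF] = "";
    char big[ENV_BUF * 4];
    memset(big, 'A', sizeof big - 1);
    big[sizeof big - 1] = '\0';
    return cgi_env_append_safe(env, sizeof env, "HTTP_USER_AGENT", big) == -1
           && env[0] == '\0';
}
```

For input that fits, both functions produce the same `NAME=value\n` string; only the bounded version can say no when the request-controlled value is larger than the buffer.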
The CCB recommends that all system administrators upgrade vulnerable devices to the latest versions released by the vendor. The patch addressing this vulnerability also fixes other vulnerabilities, notably CVE-2021-20039, CVE-2021-20040, CVE-2021-20041, CVE-2021-20042, CVE-2021-20043, CVE-2021-20044 and CVE-2021-20045.
https://www.bleepingcomputer.com/news/security/sonicwall-strongly-urges-...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-20038