Background /What has happened?
A vulnerability (CVE-2021-20038) has been identified in SonicWall SMA 100 series appliances. Exploitation of this vulnerability could allow an unauthenticated cyber actor to perform remote code execution. A cyber actor would then be able to install malware or otherwise control the affected device.
SonicWall SMA 100 series appliances provide end-to-end secure remote access to corporate resources hosted across on-premise, cloud and hybrid data centres.
Further information on this vulnerability is available in the SonicWall security advisory.
Mitigation / How do I stay secure?
Australian organisations who use Sonic Wall SMA 100 series appliances should review their patch status and update to the latest version. SonicWall have released a security advisory listing specific vulnerable products and versions.
Assistance / Where can I go for help?
The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is monitoring the situation and can provide assistance and advice as required. Organisations that have been impacted or require assistance can contact the ACSC via 1300 CYBER1.