SonicWall Left a VPN Flaw Partially Unpatched Amidst 0-Day Attacks


A critical vulnerability in SonicWall VPN appliances that was believed to have been patched last year has now been found to be "botched," with the company leaving a memory leak flaw unaddressed, until now, that could permit a remote attacker to gain access to sensitive information.

The shortcoming was rectified in an update rolled out to SonicOS on June 22.

Tracked as CVE-2021-20019 (CVSS score: 5.3), the vulnerability is the consequence of a memory leak when sending a specially-crafted unauthenticated HTTP request, culminating in information disclosure.

It's worth noting that SonicWall's decision to hold back the patch comes amid multiple zero-day disclosures affecting its remote access VPN and email security products that have been exploited in a series of in-the-wild attacks to deploy backdoors and a new strain of ransomware called FIVEHANDS.

However, there is no evidence that the flaw is being exploited in the wild.