D2
Администратор
- Регистрация
- 19 Фев 2025
- Сообщения
- 4,380
- Реакции
- 0
SonicWall has released a second firmware update for an SMA-100 zero-day vulnerability known to be used in attacks and is warning to install it immediately.
Last month, SonicWall disclosed that their internal systems were attacked using a zero-day vulnerability in their SMA-100 remote access devices.
A week later, cybersecurity firm NCC Group discovered the zero-day vulnerability used in this attack
On February 3rd, Sonicwall released a fix for the zero-day vulnerability and strongly recommended all users install it.
"Following up on the Feb. 3 firmware update outlined below, SonicWall is announcing the availability of new firmware versions for both 10.x and 9.x code on the SMA 100 series products, comprised of SMA 200, 210, 400, 410 physical appliances and the SMA 500v virtual appliance."
"SonicWall conducted additional reviews to further strengthen the code for the SMA 100 series product line," SonicWall announced in an update to their SMA-100 security advisory.
While SonicWall does not describe what specific security fixes are in this update, they stress that all users should "IMMEDIATELY" upgrade their devices.
The changes in this new update are:
The new SMA 10.2 firmware includes:
Owners can find instructions on how to apply the updates in SonicWall's advisory.
Last month, SonicWall disclosed that their internal systems were attacked using a zero-day vulnerability in their SMA-100 remote access devices.
A week later, cybersecurity firm NCC Group discovered the zero-day vulnerability used in this attack
On February 3rd, Sonicwall released a fix for the zero-day vulnerability and strongly recommended all users install it.
Additional safeguards added to the firmware
Yesterday, SonicWall announced new firmware updates for SMA-100 series devices that provide additional safeguards discovered since their last update."Following up on the Feb. 3 firmware update outlined below, SonicWall is announcing the availability of new firmware versions for both 10.x and 9.x code on the SMA 100 series products, comprised of SMA 200, 210, 400, 410 physical appliances and the SMA 500v virtual appliance."
"SonicWall conducted additional reviews to further strengthen the code for the SMA 100 series product line," SonicWall announced in an update to their SMA-100 security advisory.
While SonicWall does not describe what specific security fixes are in this update, they stress that all users should "IMMEDIATELY" upgrade their devices.
The changes in this new update are:
The new SMA 10.2 firmware includes:
- Code-hardening fixes identified during an internal code audit
- Rollup of customer issue fixes not included in the Feb. 3 patch
- General performance enhancements
- Previous SMA 100 series zero-day fixes posted on Feb. 3
- Code-hardening fixes identified during an internal code audit
Owners can find instructions on how to apply the updates in SonicWall's advisory.