SonicWall has released a second firmware update for a zero-day SMA-100 vulnerability known to be used in attacks and warns that the installation must be immediate.
Last month, SonicWall revealed that its internal systems had been attacked after being used with zero-day vulnerabilities in SMA-100 remote access devices. One week later, cybersecurity company NCC Group discovered the zero-day vulnerability used by the attack.
On February 3, Sonicwall released a zero-day vulnerability fix and strongly recommended that all users install it.
Additional safeguards have been added to the firmware
Yesterday, SonicWall announced new firmware updates for SMA-100 series devices that provide additional safeguards discovered since their last update.
"After the February 3 firmware update described below, SonicWall announces the availability of new firmware versions for both codes (10.x and 9.x) in products of the SMA 100 series, consisting of the physical SMA 200, 210, 400, 410 devices and the SMA 500v virtual device. ”
"SonicWall has conducted additional reviews to further enhance the code for the SMA 100 product line," SonicWall announced.
Although SonicWall does not describe what security fixes were added to this update, it does emphasize that all users should "IMMEDIATELY" upgrade their devices.
The changes in this new update are:
The new SMA 10.2 firmware includes:
- Code-hardening fixes that identified during internal code control
- Collection of customer issue corrections not included in the February 3 patch
- General performance improvements
- Additional patch fixes released on February 3 in the SMA 100 series
The new firmware 9.0 includes:
- Code-hardening fixes detected during internal code checking
These updates apply to physical devices SMA 200, SMA 210, SMA 400, SMA 410 and virtual devices SMA 500v (Azure, AWS, ESXi, HyperV).
Owners can find instructions on how to apply the updates to Advisory of SonicWall.
Source of information: bleepingcomputer.com