SonicWall Security Advisory on SonicOS CVE-2021-20019

sonicwall_logo

v1, Last Updated: 06-Sep-2024

Scenario:
Make: SonicWall Network Security Appliance [NSA]
Model: All SonicWall NSA
Affected Product: SonicOS [See the article for more details]
Description: SonicWall has released an advisory in June 2021 to address an incomplete fix in its operating System or SonicOS to mitigate the vulnerability CVE-2021-20019.

Background

SonicWall has released an advisory on June 22 with advisory ID SNWLID-2021-0006. This security advisory is to address an incomplete fix for a vulnerability in its SonicOS [The SonicWall Operation System]. This advisory has newly assigned CVE ID: CVE-2021-20019. The original vulnerability CVE-2020-5135 was released under SonicWall Advisory ID: SNWLID-2020-0010.

CVE-2021-20019 is the vulnerability in the SonicWall SonicOS where a remote unauthenticated attacker the flaws by sending a specially crafted HTTP request to a vulnerable SonicWall device. By the effect of this vulnerability and successful exploitation would result in internal sensitive data disclosure.

The official statement of SonicWall about the vulnerability is

“A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted unauthenticated HTTP request. This can potentially lead to an internal sensitive data disclosure vulnerability.”

Affected Devices or OS

It is assumed that approximately 680,000 SonicWall devices may be affected across the world. That means approximately 680,000 SonicWall devices remain publicly accessible. As per the SonicWall advisory below mentioned SonicWall operating system or SonicOS are affected.

SonicOS - 6.5.4.7-83n
SonicOSv - 6.5.4.4-44v-21-955
SonicOS - 6.5.1.12-3n
SonicOS - 6.0.5.3-94o
SonicOS - 7.0.0-R713 and earlier,
SonicOS - 7.0.1-R1036 and earlier
and below SonicOS - 7.0.0.376

It means if you have SonicWall devices in your organization and they are on one of the above mentioned SonicOS or SonicWall operating system version, your device is vulnerable and you should take the appropriate action to mitigate the vulnerability.

Solution

SonicWall has published an advisory to upgrade or change the version of SonicOS on your SonicWall devices to mitigate the vulnerability. A summary of the affected and fixed version of SonicOS is shown below.

Affected VersionFixed Version
6.5.1.12-3n and older Pending Release
6.0.5.3-94o and olderPending Release
NSa,TZ- 7.0.0-713 and older 7.0.0-R906 and later, 7.0.1-R1456
NSsp – below < 7.0.0.376        7.0.0.376 and later, 7.0.1-R579 
NSsp- 7.0.1-R1036 and older7.0.1-R1282/1283 
6.5.4.8-83n and older 6.5.4.8-89n 
SonicOSv – 6.5.4.4-44v-21-955 and older6.5.4.4-44v-21-1288

A detailed stepwise method is mentioned in the article. Click the link to know How to upgrade the Firmware of SonicWall NSA. You could follow the steps to upgrade the firmware of SonicWall Firewall or NSA. Upgrading the SonicWall Operating system or SonicOS will mitigate the vulnerability. Follow the link to understand the different types of Sonicwall Operation System or SonicOS release types.

Check the attached article if you are looking for activating or renewing the NSA Licenses. Refer to the article to find the step-wise method to upgrade/downgrade the firmware of Cisco ASA via CLI method and also upgrade/downgrade the firmware through GUI method.

Source: SonicWall, Internet, Knowledge Base

EA00064

Leave a Reply

Your email address will not be published. Required fields are marked *