SonicWall has issued a critical alert regarding multiple vulnerabilities in its Secure Mobile Access (SMA) 100 series SSL-VPN appliances.
These vulnerabilities could allow attackers to execute remote code, bypass authentication, or compromise system integrity.
SonicWall urges users to take immediate action by updating their devices to the latest firmware to mitigate these risks.
These issues affect SMA 200, 210, 400, 410, and 500v appliances running firmware version 10.2.1.13-72sv or earlier. Products from the SonicWall SSL VPN SMA1000 series are confirmed to be unaffected.
Free Webinar on Best Practices for API vulnerability & Penetration Testing: Free Registration
Vulnerability List
- CVE-2024-38475: Path Traversal Vulnerability
Originating from Apache HTTP Server’smod_rewritemodule, this vulnerability allows attackers to map URLs to sensitive filesystem locations, potentially exposing restricted files. - CVE-2024-40763: Heap-Based Buffer Overflow
A heap-based buffer overflow in SMA100 devices, caused by improper memory handling, can be exploited by attackers to execute malicious code or crash the system. - CVE-2024-45318: Stack-Based Buffer Overflow
A vulnerability in the SMA100 web management interface permits attackers to trigger a stack-based buffer overflow, potentially allowing the execution of arbitrary code on the device. - CVE-2024-45319: Certificate-Based Authentication Bypass
This flaw allows attackers to bypass the certificate requirement during authentication, granting unauthorized access to the system. - CVE-2024-53702: Insecure Randomness
The use of a weak pseudo-random number generator (PRNG) in the SMA100 backup code mechanism can enable attackers to predict the output, potentially exposing sensitive information. - CVE-2024-53703: Stack-Based Buffer Overflow in Apache
A stack-based buffer overflow in themod_httprplibrary used by SMA100 devices running Apache allows attackers to execute arbitrary code remotely.
Affected Products
The vulnerabilities impact the SonicWall SMA 100 series (SMA 200, 210, 400, 410, 500v), specifically firmware version 10.2.1.13-72sv and earlier.
The following table provides a detailed summary of affected products and versions:
| Product Series | Product Models | Affected Firmware Version |
|---|---|---|
| SonicWall SMA 100 | SMA 200, SMA 210 | 10.2.1.13-72sv and earlier |
| SMA 400, SMA 410 | 10.2.1.13-72sv and earlier | |
| SMA 500v | 10.2.1.13-72sv and earlier | |
| SonicWall SMA 1000 | All models | Not affected |
SonicWall recommends all users immediately update to the latest firmware to address these issues.
SonicWall has stated there is currently no evidence of active exploitation in the wild, but given the severity of these vulnerabilities, organizations are urged to act without delay.
Analyse Real-World Malware & Phishing Attacks With ANY.RUN - Get up to 3 Free Licenses
 100 series SSL-VPN appliances.){kind=link}