SonicWall SMA 100: CVE-2021-20038: Unauthenticated Stack-based Buffer Overflow
Description
A critical vulnerability (CVSS 9.8) in SMA 100 appliances, which includes SMA 200, 210, 400, 410 and 500v could allow a remote unauthenticated attacker the ability to cause Stack based Buffer Overflow which can potentially lead to malicious code execution in the device. It was also noticed that SMA 100 users with WAF enabled/licensed are also impacted by this vulnerability. The vulnerability is due to `cgi_build_command` method that appends all the environment variables onto a single stack. This method is vulnerable to Stack-Based Buffer Overflow. There is no evidence that this vulnerability is being exploited in the wild. SonicWall strongly urges that organizations follow the guidance below to patch SMA 100 series products, which include SMA 200, 210, 400, 410 and 500v.
Solution(s)
- sonicwall-sma-100-upgrade-10.2.1.3-27sv
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center