Patched SonicWall critical vulnerability that continues to be used in several ransomware attacks

Patch available with other ‘disabling’ fixes

Affected SonicOS versions include 5.9.2.14-12o and older, 6.5.4.14-109n and older, and 7.0.1-5035 and older, which are fixed in versions 5.9.2.14-13o, 6.5.4.15.116n, and 7.0. 1-5072, respectively.

SonicWall and Arctic Wolf strongly recommend affected users to upgrade to the latest supported SonicOS firmware versions. Additionally, the SonicWall advisory recommends that all users of Gen5 and Gen6 devices update their passwords to prevent unauthorized access. Disabling the affected services was also included as a solution to this issue in the SonicWall advisory.

“To minimize the potential impact, SonicWall recommends limiting firewall management to trusted sources or disabling firewall WAN management for Internet access,” the company said. “Similarly, for SSLVPN, ensure that access is limited to trusted sources, or disable SSLVPN access from the Internet.”