SonicWall fixes critical bug allowing SMA 100 device takeover

From bleepingcomputer.com

SonicWall fixes critical bug allowing SMA 100 device takeover

SonicWall has patched a critical security flaw impacting several Secure Mobile Access (SMA) 100 series products that can let unauthenticated attackers remotely gain admin access on targeted devices.

The SMA 100 series appliances vulnerable to attacks targeting the improper access control vulnerability tracked as CVE-2021-20034 includes SMA 200, 210, 400, 410, and 500v.

There are no temporary mitigations to remove the attack vector, and SonicWall strongly urges impacted customers to deploy security updates that address the flaw as soon as possible.

Read more…