SonicWall EOL Devices Targeted by Ransomware
SonicWall has issued an urgent security notice, warning customers of ransomware attacks targeting end-of-life Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products. Products using 8.x firmware are being targeted.
The following range of SonicWall devices for Secure Remote Access (SRA), SSL VPN and Secure Mobile Access (SMA) are affected by this vulnerability:
- SRA 4600/1600
- SRA 4200/1200
- SSL-VPN 200/2000/400
- SMA 400/200
- SMA 210/410/500v using 8.x firmware
What to look for
How to tell if you're at risk
You are at risk of this vulnerability if you are using any devices with 8.x firmware from SonicWall.
Firmware versions 9.x before 126.96.36.199-28sv and 10.x before 10.2.0.7-34sv are also at risk of attack.
What to do
SonicWall recommends that any organisation still using end-of-life SSL-VPN (200/2000/400) and/or SRA devices (4600/1600; 4200/1200) disconnect these devices immediately.
Devices still under support, but using 8.x firmware, should immediately upgrade to the latest versions from SonicWall.
- Users of 9.x should immediately update to 0.0.10-28sv or later
- Users of 10.x should immediately update to 10.2.0.7-34sv or later
Users of any of these devices should urgently reset all associated passwords and enable MFA.