Now patch! Attacks on e-mail security appliances of sonicwall

Patch now! Attacks on E-mail Security Appliances of SonicWall

Admins that use sonicwall email security should bring the protective software to the current status. The reason for the network uplift documents are on systems. In error-adjusted versions, the developers have closed three security.

Admin accounts from nothing

At the most dangerous, the as "critical" stained vulnerability with the id cve-2021-20021. Successfully set the attacker at the lucke, they were able to create a warning message by sending the blobe sending praparized http traffic without authentication admin accounts.

By taking advantage of another lucke (cve-2021-20022), attackers were able to load files on systems. The degree of threat is considered "high". The third vulnerability (cve-2021-20023) has not yet been classified. An attackers could access actually silenced files. What cheeks take advantage of attackers is currently unknown.

Security updates available

According to sonicwall, the security lagging in addition to appliances also the windows versions 10.0.1, 10.0.2 and 10.0.3 and virtualized appliances affected. Who secured against such attacks email security versions 10.0.9.6173 (appliances, windows) and 10.0.9.6177 (virtual appliances) are available.