The manufacturer of security solutions for networks sonicwall warns of our own products. Meanwhile, it has been found that probably a remote access system is affected.
In an official statement sonicwall blows that highly specialized attackers have entered their own network by exploiting zero-day attacks in remote access products from their own home. Zero-day lucky are vulnerabilities, for which no security patches are available at the time of attacks.
Firewalls probably not danger
According to exams sonicwall ares that according to the current state of knowledge exclusively the remote access system SMA 100 is vulnerable. Firewalls, netextender VPN client and sonicwave aps are not affected.
There is still unclear what causes the vulnerability. Concrete information about security swallowing and attack scenarios are still missing. The safety warning wants to constantly update sonicwall.
Sonicwall emphasizes that admins can continue to use remote access in the interaction of netextender and SMA 100 because this combination should not be vulnerable. For security, admins should create specific access rules or deactivate virtual office and administrative HTTPS access via the internet.