SonicWall urges customers to ‘immediately’ address a post-authentication vulnerability, tracked as CVE-2021-20026, impacting on-premises versions of the Network Security Manager (NSM).
The vulnerability, rated 8.8 in severity, can be exploited with low effort and without user interaction.
The flaw could be exploited by an attacker to perform OS command injection using a crafted HTTP request.
The flaw affects NSM version 2.2.0-R10-H1 and earlier. The security vendor addressed it with the release of NSM 2.2.1-R6 and 2.2.1-R6 (Enhanced).
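For a defender with several on-premises NSM instances, the practical question is which hosts are still on 2.2.0-R10-H1 or earlier and which already run the 2.2.1-R6 fix. The following added example (not code from SonicWall or from the original article) parses the version strings quoted above and triages a constructed inventory. It assumes the version layout is MAJOR.MINOR.PATCH-R<build>, optionally followed by -H<hotfix>, and that a missing hotfix suffix sorts below any -H suffix of the same build; both are assumptions drawn from the two version strings on the page, not a documented SonicWall format.

```python
import re
from typing import Dict, Tuple

# Version strings taken from the advisory summary on the page.
LAST_AFFECTED = "2.2.0-R10-H1"   # advisory: this version and earlier are affected
FIXED_VERSION = "2.2.1-R6"       # first fixed release (the Enhanced build carries the same number)

# Assumed layout of an NSM version string: MAJOR.MINOR.PATCH-R<build>[-H<hotfix>].
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)-R(\d+)(?:-H(\d+))?$")


def parse_version(version: str) -> Tuple[int, int, int, int, int]:
    """Turn '2.2.0-R10-H1' into the comparable tuple (2, 2, 0, 10, 1).

    A missing hotfix suffix counts as hotfix 0, so '2.2.1-R6' becomes (2, 2, 1, 6, 0)
    and sorts below a hypothetical '2.2.1-R6-H1'.
    """
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised NSM version string: {version!r}")
    major, minor, patch, build, hotfix = m.groups()
    return (int(major), int(minor), int(patch), int(build), int(hotfix or 0))


def is_affected(version: str) -> bool:
    """True when the version falls inside the advisory's affected range (2.2.0-R10-H1 and earlier)."""
    return parse_version(version) <= parse_version(LAST_AFFECTED)


def below_fix(version: str) -> bool:
    """True when the version is older than the fixed release.

    This is the conservative check: anything not yet at 2.2.1-R6 is treated as
    needing the update, even if it sits in the gap between the last listed
    affected build and the fix.
    """
    return parse_version(version) < parse_version(FIXED_VERSION)


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Given {hostname: version} for on-premises NSM hosts, return the hosts that
    still need the NSM 2.2.1-R6 update. Unparseable versions are flagged for manual review
    rather than silently skipped, so an odd string never hides an exposed host."""
    needs_update: Dict[str, str] = {}
    for host, version in inventory.items():
        try:
            if below_fix(version):
                needs_update[host] = version
        except ValueError:
            needs_update[host] = f"unparseable ({version}); check manually"
    return needs_update


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are made up for illustration.
    sample = {
        "nsm-dc1": "2.2.0-R10-H1",   # last listed affected build
        "nsm-dc2": "2.2.1-R6",       # already on the fix
        "nsm-lab": "2.1.0-R3",       # older, affected
        "nsm-old": "banana",         # bad inventory data
    }
    for host, note in triage(sample).items():
        print(f"{host}: {note}")
```

Only on-premises deployments belong in the inventory passed to `triage`; the advisory states that SaaS NSM is not affected, so those instances should not be listed at all.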
“This critical vulnerability potentially allows a user to execute commands on a device’s operating system with the highest system privileges (root),” SonicWall explains.
“SonicWall has validated and patched a post-authentication vulnerability (SNWLID-2021-0014) within the on-premises version of Network Security Manager (NSM). This vulnerability only impacts on-premises NSM deployments. SaaS versions of NSM are not affected.” reads the security advisory published by SonicWall. “This critical vulnerability potentially allows a user to execute commands on a device’s operating system with the highest system privileges (root).”
In April, SonicWall warned customers to update their hosted and on-premises email security products to address three zero-day vulnerabilities that were being actively exploited in the wild. In February, the security firm released a second firmware update for the SMA-100 zero-day vulnerability that had been exploited in attacks in the wild.
(SecurityAffairs – hacking, Network Security Manager)