SonicWall “Strongly urges” customers to patch several high-risk security flaws impacting its Secure Mobile Access 1000 Series line of products that can let attackers bypass authorization and, potentially, compromise unpatched appliances.
SonicWall SMA 1000 SSLVPN solutions are used by enterprises to simplify end-to-end secure remote access to corporate resources across on-prem, cloud, and hybrid data center environments.
“SonicWall strongly urges that organizations using the SMA 1000 series products upgrade to the latest patch,” the company says in a security advisory published this week.
The security bugs impact the following SMA 1000 Series models: 6200, 6210, 7200, 7210, 8000v.
Of the three vulnerabilities, CVE-2022-22282 is the most severe as it allows unauthenticated attackers to bypass access control and gain access to internal resources.
In July 2021, SonicWall also warned of an increased risk of ransomware attacks targeting end-of-life SMA 100 series and Secure Remote Access products.