SonicWall strongly urges admins to patch SSLVPN SMA1000 bugs


SonicWall is urging customers to fix multiple high-risk security weaknesses in its Secure Mobile Access (SMA) 1000 Series line of products, which might allow attackers to evade authorization and compromise unpatched equipment.

The first bug (a high-severity unauthenticated access control bypass) has been assigned CVE-2022-22282, however the other two (a hard-coded cryptographic key and an open redirect, both of medium severity) are currently awaiting a CVE ID. Read More…