Critical security vulnerability affects SonicWall SMA 100 devices

A severe security vulnerability currently affects devices in the SonicWall SMA 100 Series (SMA 210, 410, and 500v). Organizations using these systems should take immediate action to avoid compromising their network security.

The SonicWall security team has discovered a critical vulnerability (CVSS score: 9.1 out of 10) in the SMA 100 product line. Specifically, it is a Post-Authentication Arbitrary File Upload Vulnerability. This means that attackers who have successfully logged into the system (e.g., via stolen credentials) could upload arbitrary files, such as malware.

❗ Which devices are affected?

Affected: SonicWall SMA 100 Series (SMA 210, 410, 500v)

Not affected: SMA 1000 series and SonicWall Firewalls with SSL-VPN

✅ What does SonicWall recommend?

SonicWall strongly urges all affected customers to take the following actions:

1. Install security updates

Follow the guidance on the official SonicWall PSIRT page to patch known vulnerabilities.

2. Reevaluate your long-term security strategy

SonicWall recommends transitioning to one of the following more secure alternatives:

• Cloud Secure Edge (CSE): SonicWall’s cloud-native Zero Trust solution.
• SMA 1000 Series: More powerful and better secured hardware.
• SonicWall firewall with SSL VPN: Suitable for organizations where CSE or SMA 1000 is not an option.

Would you like to secure your SonicWall systems or need support with the update?
Our team is happy to assist you with expert advice. Planning a new SonicWall project?
Feel free to use our contact form.