April 20, 2021

Security Notice: SonicWall Email Security Zero-Day Vulnerabilities

DESCRIPTION:

Through the course of standard collaboration and testing, SonicWall has verified, tested and published patches to mitigate three zero-day vulnerabilities to its hosted and on-premises email security products.

In at least one known case, these vulnerabilities have been observed to be exploited ‘in the wild.’ It is imperative that organizations using SonicWall Email Security hardware appliances, virtual appliances or software installation on Microsoft Windows Server immediately upgrade to the respective SonicWall Email Security version listed below.

SonicWall Hosted Email Security (HES) was patched on April 19, 2021, and no action is required from organizations that are only using the hosted email security product.

Step-by-step guidance on how to apply the updates is available on an in-depth knowledgebase (KB) article.

AFFECTED VERSION	PATCHED VERSION	PSIRT ADVISORY ID	APPLICABLE CVEs
Email Security (ES) 10.0.4-PresentEmail Security 10.0.3Email Security 10.0.2Email Security 10.0.1	Email Security 10.0.9.6173 (Windows)	SNWLID-2021-0007 SNWLID-2021-0008 SNWLID-2021-0010	CVE-2021-20021 CVE-2021-20022 CVE-2021-20023
Email Security (ES) 10.0.4-PresentEmail Security 10.0.3Email Security 10.0.2Email Security 10.0.1	Email Security 10.0.9.6177 (Hardware & ESXi Virtual Appliance)	SNWLID-2021-0007 SNWLID-2021-0008 SNWLID-2021-0010	CVE-2021-20021 CVE-2021-20022 CVE-2021-20023
Hosted Email Security (HES) 10.0.4-PresentHosted Email Security 10.0.3Hosted Email Security 10.0.2Hosted Email Security 10.0.1	Hosted Email Security 10.0.9.6173 (Patched Automatically)	SNWLID-2021-0007 SNWLID-2021-0008 SNWLID-2021-0010	CVE-2021-20021 CVE-2021-20022 CVE-2021-20023

Support for End-of-Life Email Security Products

SonicWall Email Security versions 7.0.0-9.2.2 are also impacted by the above vulnerabilities. However, these legacy versions have reached end of life (EOL) and are no longer supported. Organizations using these legacy product versions and have an active support license can download the latest Email Security versions from their MySonicWall account.

Customers without an active support license should contact their SonicWall SecureFirst partner to renew the license and upgrade to the latest SonicWall Email Security version. To find your local partner, please visit the SonicWall Partner Locator.

IPS Signatures Detect Exploitation

SonicWall has automatically deployed Intrusion Prevention System (IPS) signatures to help detect and block attacks that attempt to leverage the above vulnerabilities. The below signatures have already been applied to SonicWall firewalls with active security subscriptions.

IPS Signature: 15520 WEB-ATTACKS SonicWall Email Security (CVE-2021-20022 Vulnerability)
IPS Signature: 1067 WEB-ATTACKS Web Application Directory Traversal Attack 7
IPS Signature: 15509 WEB-ATTACKS Web Application Directory Traversal Attack 7 -c2

About the CVEs

CVE-2021-20021: Email Security Pre-Authentication Administrative Account Creation: A vulnerability in the SonicWall Email Security versions listed above could allow an attacker to potentially create an administrative account by sending a crafted HTTP request to the remote host.
CVE-2021-20022: Email Security Post-Authentication Arbitrary File Creation: A vulnerability in the SonicWall Email Security versions listed above could allow a post-authenticated attacker to potentially upload an arbitrary file to the remote host.
CVE-2021-20023: Email Security Post-Authentication Arbitrary File Read: A vulnerability in the SonicWall Email Security versions listed above could allow a post-authenticated attacker to potentially read an arbitrary file from the remote host.

Previous article Security Advisory: SonicOS Vulnerability In Firewall Web Management Interface

Next article SonicWall TZ270/370/470: Accelerating Digital Transformation for SMBs & Secure SD-Branches

Featured collection

Sale Sale

SonicWall TZ270

Original price $957.60 - Original price $2,986.20

Original price $957.60 - Original price $2,986.20

Original price $2,138.97

$957.60 - $2,986.20

$957.60 - $2,986.20

Current price $957.60

| /

Designed for home offices and lean branches, the TZ270 series deliver industry-validated security effectiveness with best-in-class price-performanc...
View full details

Original price $957.60 - Original price $2,986.20

Original price $957.60 - Original price $2,986.20

Original price $2,138.97

$957.60 - $2,986.20

$957.60 - $2,986.20

Current price $957.60

| /

Sale Sale
Sale Sale

SonicWall TZ570

Original price $2,885.40 - Original price $8,644.86

Original price $2,885.40 - Original price $8,644.86

Original price $6,733.44

$2,885.40 - $8,051.75

$2,885.40 - $8,051.75

Current price $2,885.40

| /

The SonicWall TZ570 series, is the first desktop-form factor next-generation firewall (NGFW) with 5 Gigabit Ethernet interfaces. Designed for mid...
View full details

Original price $2,885.40 - Original price $8,644.86

Original price $2,885.40 - Original price $8,644.86

Original price $6,733.44

$2,885.40 - $8,051.75

$2,885.40 - $8,051.75

Current price $2,885.40

| /

Sale Sale
Sale Sale

SonicWall TZ470

Original price $2,031.12 - Original price $6,116.04

Original price $2,031.12 - Original price $6,116.04

Original price $4,838.40

$2,031.12 - $4,921.52

$2,031.12 - $4,921.52

Current price $2,031.12

| /

Designed for small organizations and distributed enterprise with SD-Branch locations, the TZ470 series deliver industry-validated security effectiv...
View full details

Original price $2,031.12 - Original price $6,116.04

Original price $2,031.12 - Original price $6,116.04

Original price $4,838.40

$2,031.12 - $4,921.52

$2,031.12 - $4,921.52

Current price $2,031.12

| /

Sale Sale
Sale Sale

SonicWall TZ670

Original price $3,544.38 - Original price $9,666.72

Original price $3,544.38 - Original price $9,666.72

Original price $8,255.52

$3,544.38 - $9,020.45

$3,544.38 - $9,020.45

Current price $3,544.38

| /

The SonicWall TZ670 series, is the first desktop-form factor next-generation firewall (NGFW) with 10 Gigabit Ethernet interfaces. Designed for mi...
View full details

Original price $3,544.38 - Original price $9,666.72

Original price $3,544.38 - Original price $9,666.72

Original price $8,255.52

$3,544.38 - $9,020.45

$3,544.38 - $9,020.45

Current price $3,544.38

| /

Sale Sale
Sale Sale

SonicWall TZ370

Original price $1,362.06 - Original price $4,152.96

Original price $1,362.06 - Original price $4,152.96

Original price $3,197.88

$1,362.06 - $3,635.10

$1,362.06 - $3,635.10

Current price $1,362.06

| /

Designed for small organizations and lean branches, the TZ370 series deliver industry-validated security effectiveness with best-in-class price-per...
View full details

Original price $1,362.06 - Original price $4,152.96

Original price $1,362.06 - Original price $4,152.96

Original price $3,197.88

$1,362.06 - $3,635.10

$1,362.06 - $3,635.10

Current price $1,362.06

| /

Sale Sale