SonicWall Patches an NSM On-Prem Vulnerability

12
SonicWall Patches an NSM On-Prem Vulnerability

SonicWall advises customers to quickly address a post-authentication vulnerability – CVE-2021-20026 – affecting on-premises versions of the Network Security Manager (NSM). 

The vulnerability, which has a severity rating of 8.8, might be easily exploited without any user interaction. An attacker can use the vulnerability to inject OS commands using a specially crafted HTTP request.

As per a security advisory published by the company, “SonicWall has validated and patched a post-authentication vulnerability (SNWLID-2021-0014) within the on-premises version of Network Security Manager (NSM).

This vulnerability only impacts on-premises NSM deployments. SaaS versions of NSM are not affected. This critical vulnerability potentially allows a user to execute commands on a device’s operating system with the highest system privileges (root).”

To Read More: securityaffairs

For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.