SonicWall, a network appliance provider, has issued an urgent security advisory warning of impending data-encrypting ransomware attacks targeting known — and patched — firmware vulnerabilities.
SonicWall, based in San Jose, California, says that ransomware operators are “actively targeting” security flaws in its Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched, end-of-life (EOL) 8.x firmware.
“The attack targets a known vulnerability that has been patched in newer versions of firmware,” the company cautioned, urging organisations still running its 8.x firmware to act quickly.
“Organizations that fail to take the necessary steps to remediate these vulnerabilities on their SRA and SMA 100 series products are in danger of a targeted ransomware attack,” SonicWall said.
The company provided no further details about the anticipated ransomware attacks.
Instead, it used the urgent notification to press enterprises to stop using SMA and SRA appliances running 8.x firmware, which is no longer supported.
“Continued use of a legacy SRA appliance that is past end-of-life status and cannot be updated to 9.x firmware may result in ransomware exploitation,” says the advisory.
According to the advisory, organisations should “either update the firmware or disconnect appliances.”
SonicWall stated it will offer a free virtual SMA 500v until October 31, 2021, to customers with end-of-life devices that are unable to upgrade to firmware 9.x or 10.x.
This isn’t the first time SonicWall has had to deal with ransomware gangs looking for flaws in its devices. Earlier this year, a clever and aggressive cybercrime group exploited a zero-day vulnerability in SonicWall’s Secure Mobile Access (SMA) product before updates were available.