Security vulnerabilities in SonicWalls Secure Mobile Access (SMA) 100-series VPN appliances could allow an unauthenticated, remote user to execute code as root. The most severe of the bugs carries a 9.8 out of 10 on the CVSS vulnerability-severity scale. The vendor has issued patches for the bugs, which affect versions of its SMA 200, 210, 400, 410 and 500v products. In July, SonicWall issued an urgent security alert warning customers an imminent ransomware campaign using stolen credentials was actively targeting known vulnerabilities in the SMA 100 series.”]
Source: https://threatpost.com/critical-sonicwall-vpn-bugs-appliance-takeover/176869/