A patch is now available
The bug is said to be affecting all firmware versions of the SMA1000 series up to 12.4.3-02854. A hotfix has been issued with version 12.4.3-02854 and higher, according to the advisory.
SonicWall outlined a workaround in the form of restricting access to trusted sources for the AMC and CMC, should immediate patching not be possible.
Elaborating on such precautions, Casey Ellis, founder of crowdsourced cybersecurity platform Bugcrowd, said, “Aside from patching, organizations should be ensuring that management interfaces for the SMA 1000, or any other device for that matter, given the cluster of vulnerabilities, research, and exploitation, are not publicly accessible.”