A Note from Network Services Regarding the Recent SonicWALL Remote Access Vulnerability

Today SonicWALL clarified a vulnerability in their line of remote access products that, if exploited, could result in the spread of ransomware.

What is CNS doing?

For Clients With Currently Supported Hardware:

SonicWALL has provided patches for currently supported devices and CNS will review and install updates if necessary.

For Clients With End of Life Hardware:

For customers with hardware that has reached end of life and cannot be upgraded to the latest patch, SonicWALL is providing temporary licensing for a virtual remote access appliance through 10/31/21.  If you are a customer with end of life hardware, CNS will contact you directly and work with you on a plan to move to the temporary licensing or alternative access methods through your firewall.

Until an upgrade to supported hardware happens, and because of the nature of the threat, SonicWALL is recommending end of life units that cannot be patched be shut down immediately and user passwords reset.  Accordingly, CNS will be taking steps to disconnect access to affected devices and work with you on an alternate remote access strategy through your existing firewall or through a virtual remote access appliance.

For Non-CU*Answers Network Services Clients:

Unmanaged clients with SonicWALL remote access appliances should consult with their IT team immediately and follow instructions provided by SonicWALL in their alert:

https://www.sonicwall.com/support/product-notification/urgent-security-notice-critical-risk-to-unpatched-end-of-life-sra-sma-8-x-remote-access-devices/210713105333210/

 

If you have questions, please contact the Help Desk at ext 266.