Cybersecurity specialists report the detection of a critical vulnerability in SonicWall Analytics, the intelligence-based analysis service that allows you to view reports on threats in networks and users in real time through a single panel.
Tracked as CVE-2021-20032, this vulnerability exists due to incorrect security settings in the Java Debug Wire Protocol (JDWP) interface. According to experts, unauthenticated remote threat actors can send a specially crafted request to port 9000/TCP to achieve arbitrary code execution on the target system.
The flaw received a score of 8.5/10 on the Common Vulnerability Scoring System (CVSS) scale and its successful exploitation could result in the total compromise of the target system because hackers would be able to take control of critical functions.
According to the report, the vulnerability resides in all versions of SonicWall Analytics prior to v2.5.2519.
While this flaw is considered critical and could be exploited by unauthenticated threat actors, so far no exploit attempts have been detected in real scenarios. Administrators of affected deployments should not be trusted, as a malware variant could appear at any time to exploit this flaw; updates are now available, so SonicWall customers are encouraged to install them as soon as possible.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.