Use of hard-coded credentials in SonicWall On-premise Email Security (ES) and SonicWall Hosted Email Security (HES)

#VU53230 Use of hard-coded credentials in SonicWall On-premise Email Security (ES) and SonicWall Hosted Email Security (HES)

Published: 2021-05-13

Vulnerability identifier: #VU53230

Vulnerability risk: Medium

CVSSv3.1: 7.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-20025

CWE-ID: CWE-798

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
SonicWall On-premise Email Security (ES)
Client/Desktop applications / Antivirus software/Personal firewalls
SonicWall Hosted Email Security (HES)
Client/Desktop applications / Antivirus software/Personal firewalls

Vendor:

Description

The vulnerability allows a remote attacker to gain full access to vulnerable system.

The vulnerability exists due to presence of hard-coded credentials in application code, a default username and a password are used at initial setup. A remote unauthenticated attacker can access the Virtual Appliance using the default credentials only when the device is freshly installed and not connected to Mysonicwall.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

External links
http://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0012

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Hardcoded credentials in SonicWall Email Security Virtual Appliance