Zero-Day Advisory: Digital Defense, Inc. Discovers Security Vulnerabilities In Email Platform

By Fortra's Digital Defense

San Antonio, TX – October 11, 2016 – Digital Defense, Inc. (DDI), a leading provider of Vulnerability Management as a Service (VMaaS™), disclosed the discovery of four security vulnerabilities in the Dell SonicWALL Email Security virtual appliance application. The appliance is frequently deployed as a perimeter device, and its affected web interface is often configured to be externally accessible. Combining an authentication bypass with a command execution flaw allows full compromise of the appliance, including the ability to eavesdrop on inbound and outbound corporate email of organizations using the affected Dell appliance. Dell collaborated closely with DDI and responded promptly with a patch to remediate the issue.

About the Vulnerabilities

DDI detected the previously unknown vulnerabilities while developing new audit modules for its patented vulnerability scanning technology. The newly identified vulnerabilities require immediate attention because the application's web interface is easily accessible on an internet- or intranet-connected appliance, and because of the potential for unauthorized persons to access highly sensitive information.

If exploited by cybercriminals, the identified vulnerabilities may lead to disclosure of the administrative account password hash, arbitrary OS command execution and file deletion as root, and full compromise of the virtual appliance.

Dell has released a rollup patch for the SonicWALL Email Security platform and made it available to customers on 10/3/2016. Learn more at

Details surrounding each of the four vulnerabilities are available on the DDI website. Additionally, DDI’s patented scanning technology is capable of detecting all of these vulnerabilities with explicit network tests for the affected network services. Free scans are available.

Digital Defense Research Methodology and Practices

DDI’s Vulnerability Research Team (VRT) regularly works with organizations in the responsible disclosure of zero-day vulnerabilities. The expertise of DDI’s VRT, when coupled with the company’s next generation hybrid cloud platform, FrontlineVulnerability Manager, enables early detection capabilities. When zero-days are discovered and internally validated, the VRT immediately contacts the affected vendor to notify the organization of the new finding(s) and then assists, wherever possible, with the vendor’s remediation actions.

“The combination of our superior technology and experienced vulnerability researchers is providing a valuable service by identifying previously unknown security vulnerabilities before they are able to be leveraged for cybercrime,” states Larry Hurtado, DDI president & CEO. “As part of a security community with a mission to defend against cyber-attacks, we work jointly with technology vendors to address issues in a collaborative manner.”

About Digital Defense

Founded in 1999, Digital Defense, Inc. (DDI) is a trusted provider of managed security risk assessment solutions, protecting billions of dollars in assets for clients around the globe, including those in highly regulated industries such as healthcare, financial and retail; as well as those entrusted with sensitive data, such as legal and energy sector members. DDI’s unique Vulnerability Management as a Service (VMaaS™) model delivers consistently accurate vulnerability scanning and penetration testing, while its security awareness training promotes employees’ security-minded behavior. DDI security solutions are highly regarded by industry experts, as illustrated by the company’s top 25 ranking (#21) in Cybersecurity Ventures’ list of the World’s 500 Hottest Cybersecurity Companies, as well as inclusion in CSO Outlook’s Top 10 Network Security Companies and CIO Review’s 20 Most Promising Cyber Security Solutions. Contact DDI at 888-273-1412 or; and connect with us on LinkedIn, Twitter and Blog.

Digital Defense and the Shield Logo are Registered Service Marks of Digital Defense, Inc. All other trademarks are the property of their respective owners.

