PT-2021-29612 · Sonicwall · Sonicwall Secure Remote Access
Published 2021-07-17 · Updated 2021-07-17
Severity: None. No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions
SonicWall Secure Remote Access (SRA) appliances versions 8.x
SonicWall Secure Remote Access (SRA) appliances versions 9.0.0.9-26sv through 9.0.0.9
Description
The issue is related to improper neutralization of a SQL command, leading to SQL injection. It was reported by CrowdStrike and impacts end-of-life Secure Remote Access (SRA) products. The estimated number of potentially affected devices is not specified. There is no information about real-world incidents in which this issue was exploited.
Recommendations
For SonicWall Secure Remote Access (SRA) appliances versions 8.x, upgrade immediately to a version that is not affected by this vulnerability.
For SonicWall Secure Remote Access (SRA) appliances versions 9.0.0.9-26sv through 9.0.0.9, upgrade immediately to version 9.0.0.10 or later.
As a temporary workaround, consider restricting access to the SQL command functionality until a patch is available.
Related Identifiers
Affected Products
Sonicwall Secure Remote Access