Hardcoded credentials in SonicWall Email Security Virtual Appliance
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2021-20025 |
| CWE-ID | CWE-798 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software |
SonicWall On-premise Email Security (ES) Client/Desktop applications / Antivirus software/Personal firewalls SonicWall Hosted Email Security (HES) Client/Desktop applications / Antivirus software/Personal firewalls |
| Vendor | SonicWall |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Use of hard-coded credentials
EUVDB-ID: #VU53230
Risk: Medium
CVSSv4.0: 6.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-20025
CWE-ID:
CWE-798 - Use of Hard-coded Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain full access to vulnerable system.
The vulnerability exists due to presence of hard-coded credentials in application code, a default username and a password are used at initial setup. A remote unauthenticated attacker can access the Virtual Appliance using the default credentials only when the device is freshly installed and not connected to Mysonicwall.
Install updates from vendor's website.
Vulnerable software versionsSonicWall On-premise Email Security (ES): before 10.0.10
SonicWall Hosted Email Security (HES): before 10.0.10
CPE2.3- cpe:2.3:a:sonicwall:sonicwall_on-premise_email_security_es:*:*:*:*:*:*:*:*
- cpe:2.3:a:sonicwall:sonicwall_hosted_email_security_hes:*:*:*:*:*:*:*:*
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
