SonicWALL Security Breach Confirmed
Due to persistent and escalating security issues, we now consider SonicWALL firewalls to be a major liability to your network security.
This is based on a pattern of serious flaws and repeated breaches. Most recently, SonicWALL published two new critical advisories:
September 17th Advisory: Essential Credential Reset
This alert confirmed that user passwords and login details may have been compromised, requiring an urgent reset to prevent unauthorized access. This means that all of your network passwords must be changed.
https://www.sonicwall.com/support/knowledge-base/essential-credential-reset/250909151701590
September 19th Advisory: MySonicWall Cloud Backup File Incident
This critical incident revealed that highly sensitive network settings and backup files were stolen from SonicWALL’s cloud systems. These stolen files contain crucial information, including system encryption keys and potentially even your network passwords, allowing attackers a deeper level of access than previously understood.
These incidents, combined with previous issues (like those affecting remote access and allowing hackers to take control of devices), clearly show a deep-seated problem. SonicWALL’s inconsistent, vague, and changing guidance means there is currently no known, reliable, long-term fix for these ongoing dangers. This introduces an unacceptable level of risk to your business.
We strongly recommend prioritizing the replacement of your SonicWALL firewall with a more secure platform from a different vendor.
