CVE-2021-20032: SonicWall Analytics remote command execution vulnerability alert

On August 10, 2021, SonicWall officially released a risk notice for SonicWall Analytics, the vulnerability number is CVE-2021-20032 with the CVSSv3 score of 9.8. The JDWP remote debugging interface of SonicWall Analytics 2.5 On-Prem exists a vulnerability. The interface is exposed on port 9000 by default. Attackers may cause remote code execution by constructing special HTTP requests.
CVE-2021-20032

Vulnerability detail

SonicWall Analytics 2.5 On-Prem is vulnerable to Java Debug Wire Protocol (JDWP) interface security misconfiguration vulnerability which potentially leads to Remote Code Execution

Affected version

  • Analytics On-Prem 2.5.2518 and earlier.

Unaffected version

  • Analytics On-Prem 2.5.2519 and later

Solution

In this regard, we recommend that users upgrade SonicWall Analytics to the latest version in time.