New VPN Security Vulnerability Could Affect Businesses and Consumers

Date: 10/19/2020
  • A new VPN security vulnerability could affect as many as 800,000 internet-accessible SonicWall VPN appliances.
  • According to researchers, the bug can allow a denial of service cyberattack and crash services, creating widespread damage.
  • SonicWall VPN users should install the recently released SonicWall patches to eliminate their risk of attackers gaining access.
  • For more information, contact the Identity Theft Resource Center toll-free at 888.400.5530 or live-chat with an advisor on the company website.

A virtual private network (VPN) is a tool used by many businesses and consumers and is more important now than ever with so many people working from home. It is a digital tool that helps keep hackers, identity thieves, spammers and even advertisers from seeing someone’s online activity. According to ZDNet, a recently discovered VPN security vulnerability could affect as many as 800,000 internet-accessible SonicWall VPN appliances. 

What Happened 

Infosecurity Magazine says researchers found a vulnerability in the SonicWall’s Network Security Appliance (NSA). An NSA is used as a firewall and VPN portal to filter, control and allow employees to access internal and private networks.  

How It Can Impact You 

Researchers claim the bug can allow a denial of service attack and crash services, creating widespread damage. SonicWall says the CVSS risk score of the VPN vulnerability is 9.4 out of 10, and the bug can be remotely executed without requiring the attacker to have the credentials needed to access the VPN. VPN systems continue to be targeted by attackers looking to take advantage of the large number of remote workers who rely on them.  

What You Need to Do 

SonicWall says, right now, they are not aware of an exploited bug or if the VPN security vulnerability has impacted any customers. However, SonicWall recently released patches for the vulnerability. Customers affected should patch their VPNs to eliminate the risk of attackers gaining access. Employees should check with their IT administrators to ensure the proper steps are taken to keep them and their remote worker peers safe.  

A VPN is a great way for people to stay safe online. It protects all sensitive activities conducted online. However, it is essential to keep VPN software up-to-date by applying security patches and software updates as quickly as possible.

Need More Help?

Anyone who wants to learn more can call the Identity Theft Resource Center (ITRC) toll-free at 888.400.5530 to speak with an expert advisor. They can also live-chat with an advisor on the company website. For on-the-go assistance, consumers are encouraged to check out the free ID Theft Help App from ITRC.


Read more of our latest articles below

Identity Theft Resource Center® Reports 30 Percent Decrease in Data Breaches so Far in 2020

Election Scams Begin to Surface with the General Election Less than One Month Away

Recent Insider Attacks Stress the Importance of Smart Business Practices

How much information are you putting out there? It’s probably too much. To help you stop sharing Too Much Information, sign up for the In the Loop.

Get ID Theft News

Stay informed with alerts, newsletters, and notifications from the Identity Theft Resource Center