Call us on 03450 21 21 51

SRM Solutions
SRM make the Dell SonicWall Hall of Fame
The SRM Blog

SRM make the Dell SonicWall Hall of Fame

Mark Nordstrom

Written by Mark Nordstrom

23rd September 2019

Share this article

zero day vulnerability

SRM acknowledged by Dell Sonicwall for identification of Zero Day Vulnerability

One of the things that people outside of the cyber security community may not be aware of is the collaborative nature of the industry. While businesses in other professions may come together to partner on profitable projects, it’s rare to see organisations support each other in their day-to-day work purely for the benefit of the wider eco-system.

To give a clearer indication of how this works, we need look no further than our own recent work with Dell SonicWall – for which we were given the honour of being added to the much-coveted Hall of Fame. Ok, we may not be unveiling a star on a street near you any time soon but, nevertheless, this acknowledgement serves to highlight how threats to cyber security can be reduced through effective collaboration.

In this instance, Pen Testing team member Ross Bradley identified a zero-day vulnerability (CVE-2019-7478) in the Dell SonicWall Analyser back in November 2018 while carrying out one of our regular penetration tests on one of our own networks. By flagging this issue and working with Dell SonicWall to patch the problem over the subsequent months, we are proud to say that we not only helped them make their firewall more robust but, as a consequence, we have also helped organisations using this software to safeguard against a potential breach.

The outcome

As of the 22nd of August 2019, Dell has released a patch for this vulnerability (Hotfix 217491.3) and through our own testing we have been able to show that the vulnerability has been effectively resolved. A great result for Dell and a proud achievement for the team here at SRM.

If you’re interested to find out more about the technical details of the Zero Day Vulnerability, how we discovered it and how we investigated the issue, you can do so here.

 

If you aren’t regularly testing the resilience of your networks, it could be time for you to invest in professional penetration testing. Find out more about how we work here or why not call us for a chat on 03450 21 21 51 and we’re always happy to provide a no-obligation quote.