On Friday evening (January 22nd), SonicWall released a security notice that their internal systems were compromised by unknown hackers that leveraged a "zero-day" vulnerability in their VPN product.
Why does it matter?
As many dealerships in North America find their networks behind SonicWall firewalls, this is an incident that needs to be watched carefully.
What does this vulnerability do?
At the moment, SonicWall has stated that the potential impact would allow unauthorized access by third parties (hackers) to a dealership's internal networks at any given branch location.
What we know.
As we've been monitoring the situation with the SonicWall vulnerabilities, they have released a few updates over the weekend.
Initial reports from SonicWall are not entirely clear. It appears that vulnerabilities exist within NetExtender VPN Client software, SonicWall SMA-series firewalls and (possibly) all other firewall models. The recommendations by SonicWall at this point are to either white-list all known IP addresses for remote access or to disable all VPN services on your firewalls.