Zero-Day Announcement: Security Vulnerabilities Discovered by Digital Defense, Inc.

SAN ANTONIO--()--Digital Defense, Inc. (DDI), a leading provider of managed security risk assessments, disclosed the discovery of six security vulnerabilities found in the network management services of the Dell SonicWALL GMS platform, a central management reporting and monitoring solution for SonicWALL appliances such as SSL-VPNs and firewalls. Close collaboration between Dell and DDI has resulted in a prompt remediation of the issues.

DDI detected the previously unknown vulnerabilities while developing new audit modules for its patented vulnerability scanning technology. The newly identified vulnerabilities require immediate attention due to the unauthenticated nature of exploitation available.

If exploited by cybercriminals, the identified vulnerabilities lead to the exposure of a GMS interface and some of its files in their encrypted form.

It is critical for organizations to immediately apply the patches released by Dell for the GMS platform. Learn more at

About the Vulnerabilities

Details surrounding each of the six vulnerabilities are available on the DDI website. Additionally, DDI’s patented scanning technology is capable of detecting all of these vulnerabilities with explicit network tests for the affected network services. Free scans are available.

Digital Defense Research Methodology and Practices

DDI’s Vulnerability Research Team (VRT) actively works to find new zero-day vulnerabilities utilizing the company’s hybrid cloud platform, FrontlineVulnerability Manager (Frontline VM). The joint effort provides Frontline VM customers early detection capabilities for vulnerabilities such as the identified Dell SonicWALL GMS conditions.

Mike Cotton, Vice President of Research and Development at DDI, states, “The strength of our Vulnerability Research Team, combined with our state-of-the-art technology, enables the capability to quickly identify the zero-day vulnerabilities that may threaten the security of organizations. As evidenced through the positive collaboration with Dell, the swift identification and remediation of security issues is paramount to keeping clients secure.”

About Digital Defense

Founded in 1999, Digital Defense, Inc. (DDI) is a trusted provider of managed security risk assessment solutions, protecting billions of dollars in assets for clients around the globe, including those in highly regulated industries such as healthcare, financial and retail; as well as those entrusted with sensitive data, such as law firms and energy companies. DDI’s unique Vulnerability Management as a Service (VMaaS) model delivers consistently accurate vulnerability scanning and penetration testing, while its security awareness training promotes employees’ security-minded behavior. DDI security solutions are highly regarded by industry experts, as illustrated by the company’s top 25 ranking (#21) in Cybersecurity Ventures’ list of the World’s 500 Hottest Cybersecurity Companies, as well as inclusion in CSO Outlook’s Top 10 Network Security Companies and CIO Review’s 20 Most Promising Cyber Security Solutions. Contact DDI at 888-273-1412 or; and connect with us on LinkedIn, Twitter and Blog.

Digital Defense and the Shield Logo are Registered Service Marks of Digital Defense, Inc. All other trademarks are the property of their respective owners.


Edelman for Digital Defense, Inc.
Marissa Sandell, 512-982-7865

Release Summary

Zero-Day Announcement: Digital Defense, Inc. discloses the discovery of six previously unknown vulnerabilities.


Edelman for Digital Defense, Inc.
Marissa Sandell, 512-982-7865