SonicWall Confirms Zero-Day VulnerabilitySonicWall Confirms Zero-Day Vulnerability
The confirmation arrives as researchers with NCC Group detect a SonicWall zero-day flaw under active attack.
February 2, 2021
SonicWall has confirmed a zero-day vulnerability affecting its SMA 100 Series. Its disclosure arrives as NCC Group researchers report an observation of attacks exploiting a SonicWall flaw.
On Jan. 25, the network security provider became the latest in a string of security vendors to disclose a cyberattack. In SonicWall's case, attackers allegedly exploited vulnerabilities in its own products to breach its internal network. While it was able to verify several tools that were not affected in the attack, an investigation into other SonicWall products was still ongoing.
One week later, SonicWall has confirmed a critical zero-day flaw affecting its SMA 100 series 10.x code. It has identified the vulnerable code and is developing a patch to be available by end of day on Feb. 2. This vulnerability affects physical and virtual SMA 100 10.x devices (SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500v). SMA 100 firmware prior to 10.x is not affected.
Around the same time SonicWall disclosed the zero-day, security researchers with NCC Group reported on Twitter they observed "indication of indiscriminate use of an exploit in the wild." The researchers have contacted SonicWall and are reportedly working to investigate the attack.
A spokeswoman for NCC Group confirmed to Ars Technica that the attempted exploits target a vulnerability affecting the SonicWall SMA 100 series; however, no further details are available at this time.
SonicWall has published more details on the zero-day along with steps that companies can take to secure their tools before a patch arrives.
About the Author(s)
You May Also Like
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
What's In Your Cloud?Nov 30, 2023
Everything You Need to Know About DNS AttacksNov 30, 2023