The latest patches, for its SMA 100 series products, comes less than three weeks after an updates to patch a zero-day vulnerability.

Dark Reading Staff, Dark Reading

February 24, 2021

1 Min Read

Network security firm SonicWall today released a new set of firmware patches for its SMA 100 series products, which provide workers with remote access to internal resources. 

The release is an update to a previous alert from Feb. 3, in which the firm warned that a remote attacker could exploit a vulnerability in versions of the products' SMA 10 code prior to 10.2.0.5-29sv to take control of an affected system. The company says even organizations that have applied the firmware update still need to upgrade to SMA 10.2.0.6-32sv. 

The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) is also advising users and administrators to review the updated SonicWall alert and apply the necessary patches as soon as possible.

In January, SonicWall said it detected an attack "by highly sophisticated threat actors exploiting probably zero-day vulnerabilities on certain SonicWall secure remote access products." 

The coordinated attack is one of several on security vendors of late, including Microsoft, FireEye, and Malwarebytes.

Read more here and here.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights