Security News > 2021 > February > SonicWall SMA 100 zero-day exploit actively used in the wild
A SonicWall SMA 100 zero-day vulnerability is being actively exploited in the wild, according to a tweet by cybersecurity firm NCC Group.
While SonicWall investigates the vulnerability and has not provided many details, they state that it likely affects their SMA 100 series line of remote access appliances.
Over the weekend, cybersecurity firm NCC Group tweeted that they have detected an exploit against SonicWall SMA 100 devices being used indiscriminately in the wild.
"Our team has observed signs of an attempted exploitation of a vulnerability that affects the SonicWall SMA 100 series devices. We are working closely with SonicWall to investigate this in more depth," the NCC Group told BleepingComputer.
In an update to their SMA 100 security advisory, SonicWall confirmed the zero-day vulnerability discovered by NCC Group.
"SonicWall has identified the vulnerable code and is working on a patch to be available by end of day on February 2, 2021. This vulnerability affects both physical and virtual SMA 100 10.x devices."
News URL
Related news
- Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control (source)
- Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs (source)
- Malware exploits 5-year-old zero-day to infect end-of-life IP cameras (source)
- North Korean hackers exploit Chrome zero-day to deploy rootkit (source)
- North Korean Hackers Deploy FudModule Rootkit via Chrome Zero-Day Exploit (source)
- Week in review: SonicWall critical firewalls flaw fixed, APT exploits WPS Office for Windows RCE (source)
- Adobe fixes Acrobat Reader zero-day with public PoC exploit (source)
- Adobe fixed Acrobat bug, neglected to mention whole zero-day exploit thing (source)