Security News > 2021 > February > SonicWall SMA 100 zero-day exploit actively used in the wild
A SonicWall SMA 100 zero-day vulnerability is being actively exploited in the wild, according to a tweet by cybersecurity firm NCC Group.
While SonicWall investigates the vulnerability and has not provided many details, they state that it likely affects their SMA 100 series line of remote access appliances.
Over the weekend, cybersecurity firm NCC Group tweeted that they have detected an exploit against SonicWall SMA 100 devices being used indiscriminately in the wild.
"Our team has observed signs of an attempted exploitation of a vulnerability that affects the SonicWall SMA 100 series devices. We are working closely with SonicWall to investigate this in more depth," the NCC Group told BleepingComputer.
In an update to their SMA 100 security advisory, SonicWall confirmed the zero-day vulnerability discovered by NCC Group.
"SonicWall has identified the vulnerable code and is working on a patch to be available by end of day on February 2, 2021. This vulnerability affects both physical and virtual SMA 100 10.x devices."
News URL
Related news
- New Mirai botnet targets industrial routers with zero-day exploits (source)
- Zero-day exploits plague Ivanti Connect Secure appliances for second year running (source)
- Nominet probes network intrusion linked to Ivanti zero-day exploit (source)
- Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet (source)
- Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025 (source)
- SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006) (source)
- SonicWall warns of SMA1000 RCE flaw exploited in zero-day attacks (source)
- SonicWall flags critical bug likely exploited as zero-day, rolls out hotfix (source)