Security News > 2021 > February > SonicWall fixes actively exploited SMA 100 zero-day vulnerability

SonicWall fixes actively exploited SMA 100 zero-day vulnerability
2021-02-03 20:28

SonicWall has released a patch for the zero-day vulnerability used in attacks against the SMA 100 series of remote access appliances.

On January 22nd, SonicWall disclosed that their internal systems were attacked using a zero-day vulnerability in the SMA 100 series of SonicWall networking devices.

A little over a week later, cybersecurity firm NCC Group discovered a zero-day vulnerability for the SonicWall SMA 100 that was actively being exploited in the wild.

SonicWall later confirmed the zero-day vulnerability and announced that owners could use the built-in Web Application Firewall to neutralize the vulnerability.

As WAF requires a paid license, SonicWall has added a free 60 day WAF license to all registered SMA 100 series devices with 10.X code.

Today, SonicWall has released an SMA 100 series firmware 10.2.0.5-29sv update that fixes the actively exploited zero-day vulnerability in the SMA 100 series of devices.


News URL

https://www.bleepingcomputer.com/news/security/sonicwall-fixes-actively-exploited-sma-100-zero-day-vulnerability/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Sonicwall 113 0 41 74 38 153
SMA 42 0 0 8 8 16