Security News > 2021 > February > SonicWall fixes actively exploited SMA 100 zero-day vulnerability
SonicWall has released a patch for the zero-day vulnerability used in attacks against the SMA 100 series of remote access appliances.
On January 22nd, SonicWall disclosed that their internal systems were attacked using a zero-day vulnerability in the SMA 100 series of SonicWall networking devices.
A little over a week later, cybersecurity firm NCC Group discovered a zero-day vulnerability for the SonicWall SMA 100 that was actively being exploited in the wild.
SonicWall later confirmed the zero-day vulnerability and announced that owners could use the built-in Web Application Firewall to neutralize the vulnerability.
As WAF requires a paid license, SonicWall has added a free 60 day WAF license to all registered SMA 100 series devices with 10.X code.
Today, SonicWall has released an SMA 100 series firmware 10.2.0.5-29sv update that fixes the actively exploited zero-day vulnerability in the SMA 100 series of devices.
News URL
Related news
- PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware (source)
- CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices (source)
- Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035) (source)
- Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819) (source)