Security News > 2021 > February > SonicWall fixes actively exploited SMA 100 zero-day vulnerability
SonicWall has released a patch for the zero-day vulnerability used in attacks against the SMA 100 series of remote access appliances.
On January 22nd, SonicWall disclosed that their internal systems were attacked using a zero-day vulnerability in the SMA 100 series of SonicWall networking devices.
A little over a week later, cybersecurity firm NCC Group discovered a zero-day vulnerability for the SonicWall SMA 100 that was actively being exploited in the wild.
SonicWall later confirmed the zero-day vulnerability and announced that owners could use the built-in Web Application Firewall to neutralize the vulnerability.
As WAF requires a paid license, SonicWall has added a free 60 day WAF license to all registered SMA 100 series devices with 10.X code.
Today, SonicWall has released an SMA 100 series firmware 10.2.0.5-29sv update that fixes the actively exploited zero-day vulnerability in the SMA 100 series of devices.
News URL
Related news
- Zero-Day Vulnerability in Ivanti VPN (source)
- SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006) (source)
- SonicWall warns of SMA1000 RCE flaw exploited in zero-day attacks (source)
- SonicWall flags critical bug likely exploited as zero-day, rolls out hotfix (source)
- Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) (source)
- Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) (source)
- PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks (source)