Security News > 2021 > February > SonicWall fixes actively exploited SMA 100 zero-day vulnerability
SonicWall has released a patch for the zero-day vulnerability used in attacks against the SMA 100 series of remote access appliances.
On January 22nd, SonicWall disclosed that their internal systems were attacked using a zero-day vulnerability in the SMA 100 series of SonicWall networking devices.
A little over a week later, cybersecurity firm NCC Group discovered a zero-day vulnerability for the SonicWall SMA 100 that was actively being exploited in the wild.
SonicWall later confirmed the zero-day vulnerability and announced that owners could use the built-in Web Application Firewall to neutralize the vulnerability.
As WAF requires a paid license, SonicWall has added a free 60 day WAF license to all registered SMA 100 series devices with 10.X code.
Today, SonicWall has released an SMA 100 series firmware 10.2.0.5-29sv update that fixes the actively exploited zero-day vulnerability in the SMA 100 series of devices.
News URL
Related news
- SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access (source)
- Versa fixes Director zero-day vulnerability exploited in attacks (source)
- Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs (source)
- CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766) (source)
- Windows vulnerability abused braille “spaces” in zero-day attacks (source)