Security News > 2021 > February > SonicWall Patches SMA Zero-Day Vulnerability Exploited in Attacks
SonicWall on Wednesday announced that it released firmware updates for its Secure Mobile Access 100 series appliances to patch an actively exploited zero-day vulnerability.
Which specializes in firewalls and other cybersecurity solutions, previously told SecurityWeek that a few thousand devices are exposed to attacks due to the vulnerability.
The critical patch can be applied to SMA 200, 210, 400 and 410 physical appliances, and SMA 500v virtual appliances on Azure, AWS, ESXi and Hyper-V. Other SonicWall products do not appear to be impacted.
"A vulnerability resulting in improper SQL command neutralization in the SonicWall SSLVPN SMA100 product allows remote exploitation for credential access by an unauthenticated attacker," reads SonicWall's advisory for CVE-2021-20016.
SonicWall informed customers on January 22 that its internal systems were targeted in an attack apparently launched by sophisticated threat actors that may have exploited zero-day vulnerabilities in the company's secure remote access products.
Until the patches were made available, SonicWall shared some recommendations on how customers can prevent potential attacks, including by enabling multi-factor authentication, blocking access to appliances on the firewall, shutting down vulnerable devices, or downgrading firmware to a version that is not affected.
News URL
Related news
- Hackers target critical zero-day vulnerability in PTZ cameras (source)
- Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine (source)
- Google fixes two Android zero-days used in targeted attacks (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
- Palo Alto Networks patches two firewall zero-days used in attacks (source)
- Apple fixes two zero-days used in attacks on Intel-based Macs (source)
- Apple Patches Two Zero-Day Attack Vectors (source)
- Japan warns of IO-Data zero-day router flaws exploited in attacks (source)
- Fully patched Cleo products under renewed 'zero-day-ish' mass attack (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-04 | CVE-2021-20016 | SQL Injection vulnerability in Sonicwall products A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information. | 9.8 |