Security News > 2021 > April > SonicWall warns customers to patch 3 zero-days exploited in the wild

SonicWall warns customers to patch 3 zero-days exploited in the wild
2021-04-20 18:23

Security hardware manufacturer SonicWall is urging customers to patch a set of three zero-day vulnerabilities affecting both its on-premises and hosted Email Security products.

"In at least one known case, these vulnerabilities have been observed to be exploited 'in the wild,'" SonicWall said in a security advisory published earlier today.

The full list of SonicWall products affected by the three zero-days is available in the table below, together with information on the patched versions and links to security advisories.

SonicWall Hosted Email Security was automatically patched on Monday, April 19th, and no action is needed from customers only using SonicWall's hosted email security product.

SonicWall disclosed in January 2021 that unknown threat actors exploited a zero-day vulnerability in their Secure Mobile Access and NetExtender VPN client products in attacks targeting the company's internal systems.

One month later, SonicWall fixed an actively exploited zero-day vulnerability impacting the SMA 100 series of SonicWall networking devices.


News URL

https://www.bleepingcomputer.com/news/security/sonicwall-warns-customers-to-patch-3-zero-days-exploited-in-the-wild/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Sonicwall 113 0 41 74 38 153