Security News > 2021 > April > SonicWall warns customers to patch 3 zero-days exploited in the wild
Security hardware manufacturer SonicWall is urging customers to patch a set of three zero-day vulnerabilities affecting both its on-premises and hosted Email Security products.
"In at least one known case, these vulnerabilities have been observed to be exploited 'in the wild,'" SonicWall said in a security advisory published earlier today.
The full list of SonicWall products affected by the three zero-days is available in the table below, together with information on the patched versions and links to security advisories.
SonicWall Hosted Email Security was automatically patched on Monday, April 19th, and no action is needed from customers only using SonicWall's hosted email security product.
SonicWall disclosed in January 2021 that unknown threat actors exploited a zero-day vulnerability in their Secure Mobile Access and NetExtender VPN client products in attacks targeting the company's internal systems.
One month later, SonicWall fixed an actively exploited zero-day vulnerability impacting the SMA 100 series of SonicWall networking devices.
News URL
Related news
- Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability (source)
- Apple backports iOS zero-day patch, adds Bluetooth tracker alert (source)
- Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws (source)
- May 2024 Patch Tuesday: Microsoft fixes exploited zero-days (CVE-2024-30051, CVE-2024-30040) (source)