3 Zero-Day Exploits Hit SonicWall Enterprise Email Security Appliances
SonicWall has addressed three critical security vulnerabilities in its hosted and on-premises email security product that are being actively exploited in the wild.
"The adversary leveraged these vulnerabilities, with intimate knowledge of the SonicWall application, to install a backdoor, access files, and emails, and move laterally into the victim organization's network."
"With the addition of a web shell to the server, the adversary had unrestricted access to the command prompt, with the inherited permissions of the NT AUTHORITY\SYSTEM account," FireEye said, adding the attacker then used "living off the land" techniques to harvest credentials, move laterally across the network, and even "compress a subdirectory [that] contains daily archives of emails processed by SonicWall ES."
SonicWall users are advised to upgrade to the 10.0.9.6173 Hotfix for Windows and the 10.0.9.6177 Hotfix for hardware and ESXi virtual appliances.
The SonicWall Hosted Email Security product was automatically patched on April 19 and hence no additional action is required.
"Through the course of this process, SonicWall was made aware of and verified certain zero-day vulnerabilities - in at least one known case, being exploited in the wild - to its hosted and on-premises email security products," the company said in a statement to The Hacker News.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/ZJZxGWLjL1k/3-zero-day-exploits-hit-sonicwall.html