Security News > 2021 > April > Three Zero-Day Flaws in SonicWall Email Security Product Exploited in Attacks

Three Zero-Day Flaws in SonicWall Email Security Product Exploited in Attacks
2021-04-21 08:54

SonicWall's Email Security product is affected by three vulnerabilities that have been exploited in attacks.

FireEye, whose incident response unit Mandiant spotted the vulnerabilities and their active exploitation in March, warned on Tuesday that a threat actor had been observed exploiting the SonicWall Email Security flaws to install backdoors, access emails and files, and move laterally in the victim's network.

SonicWall says the vulnerabilities impact Email Security for Windows, as well as hardware and ESXi virtual appliances.

SonicWall released security advisories for two of the exploited vulnerabilities on April 9 and 10, but only released a public security notice to warn about exploitation attempts on April 20, when it also released an advisory for the third flaw.

In a blog post describing the vulnerabilities and the attacks, FireEye said the attackers targeted the latest version of the Email Security application running on Windows Server 2012.

Through the course of this process, SonicWall was made aware of and verified certain zero-day vulnerabilities - in at least one known case, being exploited in the wild - to its hosted and on-premises email security products.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/6JfYDf7SUAo/three-zero-day-flaws-sonicwall-email-security-product-exploited-attacks

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Sonicwall 113 0 41 74 38 153