Security News > 2021 > April > Three Zero-Day Flaws in SonicWall Email Security Product Exploited in Attacks
SonicWall's Email Security product is affected by three vulnerabilities that have been exploited in attacks.
FireEye, whose incident response unit Mandiant spotted the vulnerabilities and their active exploitation in March, warned on Tuesday that a threat actor had been observed exploiting the SonicWall Email Security flaws to install backdoors, access emails and files, and move laterally in the victim's network.
SonicWall says the vulnerabilities impact Email Security for Windows, as well as hardware and ESXi virtual appliances.
SonicWall released security advisories for two of the exploited vulnerabilities on April 9 and 10, but only released a public security notice to warn about exploitation attempts on April 20, when it also released an advisory for the third flaw.
In a blog post describing the vulnerabilities and the attacks, FireEye said the attackers targeted the latest version of the Email Security application running on Windows Server 2012.
Through the course of this process, SonicWall was made aware of and verified certain zero-day vulnerabilities - in at least one known case, being exploited in the wild - to its hosted and on-premises email security products.
News URL
Related news
- Stop LUCR-3 Attacks: Learn Key Identity Security Tactics in This Expert Webinar (source)
- Google fixes two Android zero-days used in targeted attacks (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- Palo Alto Networks patches two firewall zero-days used in attacks (source)
- Apple fixes two zero-days used in attacks on Intel-based Macs (source)
- Apple Patches Two Zero-Day Attack Vectors (source)
- Zero-day data security (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)