Security News > 2021 > April > Three Zero-Day Flaws in SonicWall Email Security Product Exploited in Attacks
![Three Zero-Day Flaws in SonicWall Email Security Product Exploited in Attacks](/static/build/img/news/alt/cyber-threat-stats-medium.jpg)
SonicWall's Email Security product is affected by three vulnerabilities that have been exploited in attacks.
FireEye, whose incident response unit Mandiant spotted the vulnerabilities and their active exploitation in March, warned on Tuesday that a threat actor had been observed exploiting the SonicWall Email Security flaws to install backdoors, access emails and files, and move laterally in the victim's network.
SonicWall says the vulnerabilities impact Email Security for Windows, as well as hardware and ESXi virtual appliances.
SonicWall released security advisories for two of the exploited vulnerabilities on April 9 and 10, but only released a public security notice to warn about exploitation attempts on April 20, when it also released an advisory for the third flaw.
In a blog post describing the vulnerabilities and the attacks, FireEye said the attackers targeted the latest version of the Email Security application running on Windows Server 2012.
Through the course of this process, SonicWall was made aware of and verified certain zero-day vulnerabilities - in at least one known case, being exploited in the wild - to its hosted and on-premises email security products.
News URL
Related news
- Google fixes fifth Chrome zero-day exploited in attacks this year (source)
- Apple backports fix for zero-day exploited in attacks to older iPhones (source)
- Microsoft fixes Windows zero-day exploited in QakBot malware attacks (source)
- GhostEngine mining attacks kill EDR security using vulnerable drivers (source)
- CISOs pursuing AI readiness should start by updating the org’s email security policy (source)
- Check Point releases emergency fix for VPN zero-day exploited in attacks (source)
- Check Point Warns of Zero-Day Attacks on its VPN Gateway Products (source)
- Check Point VPN zero-day exploited in attacks since April 30 (source)
- Black Basta ransomware gang linked to Windows zero-day attacks (source)
- Google Warns of Pixel Firmware Security Flaw Exploited as Zero-Day (source)