Security News

SonicWall on Monday confirmed that its Secure Mobile Access 100 series appliances are affected by a zero-day vulnerability that has apparently already been exploited in attacks. SonicWall told SecurityWeek that a few thousand devices are exposed to attacks due to the zero-day vulnerability.

A SonicWall SMA 100 zero-day vulnerability is being actively exploited in the wild, according to a tweet by cybersecurity firm NCC Group. While SonicWall investigates the vulnerability and has not provided many details, they state that it likely affects their SMA 100 series line of remote access appliances.

UPDATE. SonicWall said a zero-day in its SMA 100 series 10.x code was targeted by "Highly-sophisticated" attackers. "On Sunday, January 31, 2021, the NCC Group alerted the SonicWall Product Security Incident Response Team about a potential zero-day vulnerability in the SMA 100 series. Our engineering team confirmed their submission as a critical zero-day in the SMA 100 series 10.x code," said SonicWall in an updated statement.

On Friday evening, SonicWall announced that it "Identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable zero-day vulnerabilities on certain SonicWall secure remote access products." "We believe it is extremely important to be transparent with our customers, our partners and the broader cybersecurity community about the ongoing attacks on global business and government," SonicWall said while warning the public about the potential zero-day vulnerabilities in the NetExtender VPN Client and Secure Mobile Access physical and virtual appliances.

The San Jose-based company said the attacks leveraged zero-day vulnerabilities in SonicWall secure remote access products such as NetExtender VPN client version 10.x and Secure Mobile Access that are used to provide users with remote access to internal resources. "Recently, SonicWall identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable zero-day vulnerabilities on certain SonicWall secure remote access products," the company exclusively told The Hacker News.

SonicWall is a well-known manufacturer of hardware firewall devices, VPN gateways, and network security solutions whose products are commonly used in SMB/SME and large enterprise organizations. On Friday night, SonicWall released an 'urgent advisory' stating that hackers used a zero-day vulnerability in their Secure Mobile Access VPN device and its NetExtender VPN client in a "Sophisticated" attack on their internal systems.

SonicWall is a well-known manufacturer of hardware firewall devices, VPN gateways, and network security solutions whose products are commonly used in SMB/SME and large enterprise organizations. On Friday night, SonicWall released an 'urgent advisory' stating that hackers used a zero-day vulnerability in their Secure Mobile Access VPN device and its NetExtender VPN client in a "Sophisticated" attack on their internal systems.

UPDATE] Cybersecurity firm SonicWall said late on Friday that some of its internal systems were targeted by "Highly sophisticated threat actors" exploiting what appear to be zero-day vulnerabilities affecting some of the company's products. The SMA 100 Series product remains under investigation, SonicWall said.

SonicWall announced the expansion of its Capture Cloud Platform with the addition of the high-performance NSa 2700 firewall and three new cost-effective TZ firewall options. The new SonicWall NSa 2700 expands multi-gigabit threat performance to enterprises, MSSPs, government agencies, as well as key retail, healthcare and hospitality verticals.

A critical vulnerability in a SonicWall enterprise VPN firewall can be exploited to crash the device or remotely execute code on it, reverse engineers said this week. In a statement SonicWall said it "Was contacted by a third-party research team regarding issues related to SonicWall next-generation virtual firewall models." The spokesman went on to say that SonicWall's own engineers discovered even more vulns while reproducing Tripwire's findings, going on to develop patches for the whole lot.