SonicWall warns users about zero-day vulnerabilities

Cybersecurity company SonicWall has issued an urgent security notice. In the notice, SonicWall warns its customers that multiple zero-day vulnerabilities are being exploited by threat actors. The notice in part reads as follows:

SonicWall provides cybersecurity products, services and solutions designed to help keep organizations safe from increasingly sophisticated cyber threats. As the front line of cyber defense, we have seen a dramatic surge in cyberattacks on governments and businesses, specifically on firms that provide critical infrastructure and security controls to those organizations.

We believe it is extremely important to be transparent with our customers, our partners and the broader cybersecurity community about the ongoing attacks on global business and government.

Recently, SonicWall identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable zero-day vulnerabilities on certain SonicWall secure remote access products.

"Secure remote access products," at least in this instance, refers to the virtual private networks and firewalls that SonicWall provides to its corporate customers. When the notice was first released, SonicWall warned that the following products might be affected:

  • NetExtender VPN client version 10.x (released in 2020) utilized to connect to SMA 100 series appliances and SonicWall firewalls.
  • Secure Mobile Access (SMA) version 10.x running on SMA 200, SMA 210, SMA 400, SMA 410 physical appliances, and the SMA 500v virtual appliance.

After further research, SonicWall's engineering team determined that NetExtender VPN client version 10.x is not affected by the zero-day attacks. At this point in SonicWall's investigation, the only wildcard is the SMA 100 series. For this reason, if the SMA 100 series must be used, SonicWall recommends administrators “create specific access rules or disable Virtual Office and HTTPS administrative access from the Internet” until the situation can be considered under control.

As this is a rapidly developing situation, information is subject to change at any time. We will follow up on any significant updates.


Derek Kortepeter

Derek Kortepeter is a graduate of UCLA and a tech journalist who is committed to creating an informed society with regard to information security. Kortepeter specializes in areas such as penetration testing, cryptography, cyber warfare, and governmental InfoSec policy.
