Security advisories

SonicWall Zero-Day Vulnerabilities

January 25, 2021 | 1 MIN READ

Speak With A Security Expert Now

TALK TO AN EXPERT

UPDATE: On January 29th, 2021, SonicWall confirmed that a threat actor(s) is targeting SMA 100 series devices and that SonicWall customers have identified attacks employing stolen credentials.

THE THREAT:

The network security appliances company, SonicWall, has publicly acknowledged it was targeted in an attack involving multiple zero-day vulnerabilities. In this attack, threat actors exploited previously unknown vulnerabilities in the SonicWall Secure Mobile Access product. It is currently unclear whether SonicWall customers were affected by the attack, or whether these vulnerabilities were exploited on a wider scale.

Organizations employing the vulnerable products are recommended to review their SonicWall configurations and apply the recommendations provided below.

What we’re doing about it

What you should do about it

Additional information

SonicWall has not attributed the attack to any specific actor at this time but did state that the group is highly sophisticated and exploited multiple zero-day vulnerabilities. The knowledge base article posted by SonicWall will be updated with additional information as it becomes available.

Currently, information related to the vulnerabilities is limited. CVE numbers and vulnerability types are currently not public knowledge.

Known Impacted SonicWall Products (as of January 25th, 2021):

Products Currently Under Review by SonicWall (as of January 25th, 2021):

References:

[1] https://www.sonicwall.com/support/product-notification/urgent-security-notice-netextender-vpn-client-10-x-sma-100-series-vulnerability-updated-jan-23-2021/210122173415410/

View Most Recent Advisories