SonicWall Confirms Zero-Day Vulnerability
The confirmation arrives as researchers with NCC Group detect a SonicWall zero-day flaw under active attack.
SonicWall has confirmed a zero-day vulnerability affecting its SMA 100 Series. Its disclosure arrives as NCC Group researchers report observing attacks that exploit a SonicWall flaw.
On Jan. 25, the network security provider became the latest in a string of security vendors to disclose a cyberattack. In SonicWall's case, attackers allegedly exploited vulnerabilities in its own products to breach its internal network. While it was able to verify that several tools were not affected in the attack, an investigation into other SonicWall products was still ongoing.
One week later, SonicWall has confirmed a critical zero-day flaw affecting its SMA 100 series 10.x code. It has identified the vulnerable code and is developing a patch to be available by end of day on Feb. 2. This vulnerability affects physical and virtual SMA 100 10.x devices (SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500v). SMA 100 firmware prior to 10.x is not affected.
Around the same time SonicWall disclosed the zero-day, security researchers with NCC Group reported on Twitter that they had observed "indication of indiscriminate use of an exploit in the wild." The researchers have contacted SonicWall and are reportedly working to investigate the attack.
A spokeswoman for NCC Group confirmed to Ars Technica that the attempted exploits target a vulnerability affecting the SonicWall SMA 100 series; however, no further details are available at this time.
SonicWall has published more details on the zero-day along with steps that companies can take to secure their tools before a patch arrives.