SonicWall Zero-Day Vulnerabilities Are Exploited in the Wild
SonicWall’s Customers Are Urged to Patch 3 Zero-Day Vulnerabilities that Are Exploited.
SonicWall is urging its customers to patch a set of three zero-day vulnerabilities that are affecting its on-premises and also the hosted Email Security products.
SonicWall is selling a range of Internet appliances directed at content control and network security, as well, including devices that are providing services for network firewalls, threat management, VPNs, and also anti-spam for email.
The vulnerabilities were acknowledged and validated on the 29th of March with a hotfix becoming available on April 9th. In order to mitigate the three CVEs, it is recommended to upgrade the Email Security to version 10.0.9.6173 (Windows) or 10.0.9.6177 (Hardware & ESXi Virtual Appliances).
An interesting fact is that organizations using SonicWall Hosted Email Security products were automatically updated therefore no action is required for those customers.
In at least one known case, these vulnerabilities have been observed to be exploited ‘in the wild.’ It is imperative that organizations using SonicWall Email Security hardware appliances, virtual appliances or software installation on Microsoft Windows Server immediately upgrade to the respective SonicWall Email Security version.
- CVE-2021-20021: This vulnerability allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host.
- CVE-2021-20022: It contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host.
- CVE-2021-20023: This contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host.
Heimdal® Threat Prevention - Network
- No need to deploy it on your endpoints;
- Protects any entry point into the organization, including BYODs;
- Stops even hidden threats using AI and your network traffic log;
- Complete DNS, HTTP and HTTPs protection, HIPS and HIDS;
This is not the first cybersecurity unfortunate event that the company had to deal with this year, with SonicWall having to release in January a patch for the zero-day vulnerability used in attacks against the SMA 100 series.