SonicWall Zero-Day Vulnerabilities Are Exploited in the Wild
SonicWall Customers Are Urged to Patch Three Exploited Zero-Day Vulnerabilities.
SonicWall is urging its customers to patch a set of three zero-day vulnerabilities that affect both its on-premises and hosted Email Security products.
SonicWall sells a range of Internet appliances for content control and network security, including devices that provide network firewall, threat management, VPN, and email anti-spam services.
The vulnerabilities were acknowledged and validated on the 29th of March, and a hotfix became available on April 9th. To mitigate the three CVEs, upgrade Email Security to version 10.0.9.6173 (Windows) or 10.0.9.6177 (Hardware & ESXi Virtual Appliances).
Organizations using SonicWall Hosted Email Security products were updated automatically, so no action is required for those customers.
In at least one known case, these vulnerabilities have been observed to be exploited ‘in the wild.’ It is imperative that organizations using SonicWall Email Security hardware appliances, virtual appliances or software installation on Microsoft Windows Server immediately upgrade to the respective SonicWall Email Security version.
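As an added example (not code from SonicWall or from the original article), the following Python script triages an Email Security inventory against the fixed builds named above. The CSV layout, hostnames and sample version strings are constructed assumptions; only the two fixed build numbers come from the article.

```python
import csv
import io

# Fixed builds named in the article, keyed by deployment type.
FIXED_BUILDS = {
    "windows": (10, 0, 9, 6173),
    "hardware": (10, 0, 9, 6177),
    "esxi": (10, 0, 9, 6177),
}

def parse_version(text):
    """Turn '10.0.9.6173' into a tuple of ints, or None if malformed."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdecimal() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def classify(deployment, version_text):
    deployment = deployment.strip().lower()
    if deployment == "hosted":
        return "no-action"   # hosted service was updated automatically
    fixed = FIXED_BUILDS.get(deployment)
    version = parse_version(version_text)
    if fixed is None or version is None:
        return "review"      # unknown deployment type or unreadable version
    # Tuple comparison is numeric per field, so 10.0.10.x sorts above 10.0.9.x.
    return "patched" if version >= fixed else "upgrade"

def triage(inventory_csv):
    reader = csv.DictReader(io.StringIO(inventory_csv))
    return {r["host"]: classify(r["deployment"], r["version"]) for r in reader}

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = """host,deployment,version
es-win-01,windows,10.0.9.6173
es-win-02,Windows,10.0.9.6105
es-hw-01,hardware,10.0.9.6173
es-vm-01,esxi,10.0.10.6200
es-cloud,hosted,
es-old,windows,10.0.9
"""

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {status}")
```

Note that `es-hw-01` is flagged for upgrade: build 6173 is the fixed build for Windows only, and a hardware or ESXi appliance needs 6177.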
The three zero-day vulnerabilities were reported by Josh Fleischer and Chris DiGiamo, and they are being tracked as:
- CVE-2021-20021: This vulnerability allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host.
- CVE-2021-20022: This vulnerability allows a post-authenticated attacker to upload an arbitrary file to the remote host.
- CVE-2021-20023: This vulnerability allows a post-authenticated attacker to read an arbitrary file on the remote host.
This is not the first security incident the company has had to deal with this year: in January, SonicWall had to release a patch for the zero-day vulnerability used in attacks against the SMA 100 series.