Η Sonicall warns them customers on about exploiting a zero-day vulnerability in its VPN products, by cybercriminals. According to the warning, criminals use it vulnerability to attack the interior systems the company's.
SonicWall is known for its construction firewall, VPN gateways and for providing network security solutions.
On Friday night, SonicWall published one urgent warning, in which he said that criminals used a zero-day vulnerability in the device Secure Mobile Access (SMA) VPN and NetExtender VPN client for internal contamination systems.
SonicWall has started research to find which ones Appliances affected by this vulnerability. At the moment, we know the following:
- NetExtender VPN client version 10.x (released in 2020)
- Secure Mobile Access (SMA) version 10.x running on SMA 200, SMA 210, SMA 400, SMA 410 physical devices and virtual SMA 500v
- SonicWall Firewalls
- NetExtender VPN Client
- SMA 1000 Series
- SοnicWall SonicWave APs
For unaffected devices, the customers and partners do not need to take any action.
Also under investigation:
SMA 100 Series
SonicWall suggests its customers to enable Multi-Factor Authentication (MFA) on Appliances affected by zero-day vulnerability and restrict access to devices.
Multi-factor authentication (MFA) must be enabled on all SonicWall SMA, firewalls and Mysonicwall accounts.
So far, SocialWall has not provided details on the zero-day vulnerability.
Source: Bleeping Computer