CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices

Avatar
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting SonicWall Secure Mobile Access (SMA) 100 Series gateways to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The high-severity vulnerability, tracked as CVE-2021-20035 (CVSS score: 7.2), relates to a case of operating system command injection
[[{“value”:”

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting SonicWall Secure Mobile Access (SMA) 100 Series gateways to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.

The high-severity vulnerability, tracked as CVE-2021-20035 (CVSS score: 7.2), relates to a case of operating system command injection that could result in code execution.

“Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as a ‘nobody’ user, which could potentially lead to code execution,” SonicWall said in an advisory released in September 2021.

The flaw impacts SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500v (ESX, KVM, AWS, Azure) devices running the following versions –

10.2.1.0-17sv and earlier (Fixed in 10.2.1.1-19sv and higher)
10.2.0.7-34sv and earlier (Fixed in 10.2.0.8-37sv and higher)
9.0.0.10-28sv and earlier (Fixed in 9.0.0.11-31sv and higher)

While the exact details surrounding the exploitation of CVE-2021-20035 are presently unknown, SonicWall has since revised the bulletin to acknowledge that “this vulnerability is potentially being exploited in the wild.”

Federal Civilian Executive Branch (FCEB) agencies are required to apply the necessary mitigations by May 7, 2025, to secure their networks against active threats.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

“}]] The Hacker News 

Total
0
Shares
Previous Post

Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks

Next Post

Node.js Malware Campaign Targets Crypto Users with Fake Binance and TradingView Installers

Related Posts

Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw

Fortinet has released security updates to address a critical security flaw impacting FortiSwitch that could permit an attacker to make unauthorized password changes. The vulnerability, tracked as CVE-2024-48887, carries a CVSS score of 9.3 out of a maximum of 10.0. "An unverified password change vulnerability [CWE-620] in FortiSwitch GUI may allow a remote unauthenticated attacker to modify
Avatar
Read More

Apple Fined €150 Million by French Regulator Over Discriminatory ATT Consent Practices

Apple has been hit with a fine of €150 million ($162 million) by France's competition watchdog over the implementation of its App Tracking Transparency (ATT) privacy framework. The Autorité de la concurrence said it's imposing a financial penalty against Apple for abusing its dominant position as a distributor of mobile applications for iOS and iPadOS devices between April 26, 2021 and July 25,
Avatar
Read More