SonicWall Investigating Zero-Day Attacks Against Its Products

/in


Application Security
,
Breach Notification
,
Cybercrime as-a-service

Company Says Certain VPNs and Gateways Affected By ‘Coordinated Attack’

Scott Ferguson (Ferguson_Writes) •
January 24, 2021    

SonicWall Investigating Zero-Day Attacks Against Its Products
A zero-dat attack is affecting SonicWall’s SMA 100 series gateway products (Source: SonicWall)

Security vendor SonicWall is investigating what the company calls a “coordinated attack” against its internal network by threat actors using a zero-day exploit within the company’s remote access products.

See Also: 2020 Trust Report: Measuring the Value of Security Amidst Uncertainty


In a short statement posted to customers, SonicWall says it is continuing to investigate the incident and that users of certain versions of its Secure Mobile Access (SMA) gateway products should apply temporary fixes until a permanent patch is available.


And while SonicWall did not release details about the zero-day attack and the vulnerability, the company stressed that this security incident appears well planned.


“Recently, SonicWall identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable zero-day vulnerabilities on certain SonicWall secure remote access products,” according to the company statement released Friday.


On Saturday, SonicWall released an updated statement, which detailed a number of products not affected by the attack. This includes the NetExtender VPN Client access product, which the firm originally believed had been targeted…

Source…