SonicWall Says Internal Systems Targeted by Hackers Exploiting Zero-Day Flaws


SonicWall hack exploited zero-days in SMA appliances

Cybersecurity firm SonicWall said late on Friday that some of its internal systems were targeted by “highly sophisticated threat actors” exploiting what appear to be zero-day vulnerabilities affecting some of the company’s products.

SonicWall provides network, access, email, cloud, and endpoint security solutions. The company said the attackers may have exploited zero-day vulnerabilities in some of its secure remote access products, namely NetExtender VPN client version 10.x, which is used to connect to Secure Mobile Access (SMA) 100 series appliances and SonicWall firewalls, as well as SMA version 10.x running on SMA 200, 210, 400 and 410 physical appliances or the SMA 500v virtual appliance.

Read more…