Discovered attacks on 0-day vulnerability in SonicWall products

Written by Emma Davis

Information security specialists at NCC Group have discovered that a mysterious 0-day vulnerability in SonicWall’s network products is already being exploited in “indiscriminate” attacks.

Since there is still no patch, details of the bug have not been disclosed, to prevent other hackers from joining the attacks. SonicWall developers were notified of what was happening last weekend.

One NCC Group expert told ZDNet the following:

“Earlier this week, we noticed that one attacker was already using [0-day]. At that time, we had only raised a honeypot, so we did not receive a full request. However, that prompted us to reverse engineer the request path, and we identified a bug that we believe the attacker was exploiting.”

At the same time, the analysts are convinced that they have found the very same zero-day vulnerability that a mysterious attacker recently used to hack SonicWall itself and penetrate the manufacturer’s internal network.

Let me remind you that at the end of January it became known that SonicWall had suffered a “coordinated hacker attack.”

Company representatives have still not reported any details about this incident; they write only that Secure Mobile Access (SMA) version 10.x, running on the SMA 200, SMA 210, SMA 400 and SMA 410 hardware appliances and the virtual SMA 500v, should be considered vulnerable to an unknown 0-day problem. Also, SMA 100 series devices are still under investigation.

Bleeping Computer journalists reported that they were contacted 2 weeks ago by an attacker claiming to have information about a 0-day vulnerability in the products of a well-known firewall vendor. It is not known whether it was SonicWall.

“I have information about a hack of a well-known vendor of firewalls and other security solutions, while the company is silent and does not issue press releases for its customers that may be attacked by several 0-days. To be more precise, very large technology companies are vulnerable,” said the anonymous author, and after that he never got in touch.

In turn, Security Week reported that they were also contacted by an anonymous author who said that SonicWall had suffered from a ransomware attack, and the malware operators managed to steal the company’s source code, as well as gain full access to all SonicWall’s internal systems.


