SonicWall hacked through 0-day vulnerabilities in its own products

SonicWall Hacked Through 0-Day Vulnerabilities
Written by Emma Davis

Last weekend, representatives of SonicWall said that the company suffered from a “coordinated hacker attack”, while cybercriminals hacked the company’s network through 0-day vulnerabilities in its own products.

A short message from the company lists the following vulnerable products, in which zero-day problems were found (there are no patches for them yet): Secure Mobile Access (SMA) version 10.x, running on hardware solutions SMA 200, SMA 210, SMA 400, SMA 410 and virtual SMA 500v. The SMA 100 series devices are still under investigation.

The vulnerability also affects the NetExtender VPN client version 10.x (released in 2020) used for 100 series SMA devices and SonicWall firewalls. was originally indicated in the message.

The company later reported that these fears were groundless.

It is separately emphasized that the new SMA 1000 line, SonicWall and SonicWall SonicWave AP bandwalls do not affect vulnerabilities.

While there are no details about the attack itself, or about the vulnerabilities found, the company only encourages its customers to enable two-factor authentication for administrator accounts, as well as use of firewalls and restriction of the circle of persons who can interact with SMA devices.

Bleeping Computer writes that, judging by the laconic descriptions of the bugs, they can be used remotely, without authentication on public devices. Journalists also say that in the middle of last week, they were contacted by an attacker claiming that he had information about a 0-day vulnerability in the products of a well-known firewall vendor. It is not known whether it was SonicWall.

I have information about a hack of a well-known vendor of firewalls and other security solutions, while the company is silent and does not issue press releases to its customers who are attacked by several 0-days. To be more precise, very large technology companies are vulnerable.said the anonymous author, and after that he never got in touch.

In turn, SecurityWeek reports that they were also contacted by an anonymous author who said that SonicWall had suffered from a ransomware attack, and the malware operators managed to steal the company’s source code, as well as gain full access to all SonicWall’s internal systems. However, the unknown did not provide any evidence of it, except for a single screenshot (which SecurityWeek did not publish).

Let me remind you that I also reported that Zyxel firewalls and VPN gateways contain a built-in backdoor.

Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About the author

Emma Davis

I'm writer and content manager (a short time ago completed a bachelor degree in Marketing from the Gustavus Adolphus College). For now, I have a deep drive to study cyber security.

Leave a Reply

Sending