SonicWall has fixed a handful of vulnerabilities affecting its SMA 100 series appliances and is urging organizations to implement the patches as soon as possible.
Although there’s currently no evidence of these bugs being exploited in active attacks, threat actors have been known to target these appliances in the past by leveraging known and zero-day vulnerabilities.
About the vulnerabilities
The patched vulnerabilities, which were reported by Jake Baines of Rapid7 and Richard Warren of NCC Group received incremental identifiers from CVE-2021-20038 up to CVE-2021-20045.