Summary: SonicWall has issued a warning about two high-severity vulnerabilities in its Secure Mobile Access (SMA) appliances that are currently being exploited in attacks. CVE-2023-44221 allows command injection, while CVE-2024-38475 permits unauthenticated remote code execution. Users are advised to patch their devices to firmware version 10.2.1.14-75sv or later to mitigate these risks.
Affected: SonicWall Secure Mobile Access (SMA) appliances
Keypoints :
- SonicWall has updated advisories for CVE-2023-44221 and CVE-2024-38475, identifying them as actively exploited.
- CVE-2023-44221 is a command injection vulnerability allowing attackers to inject commands as an unauthorized user.
- CVE-2024-38475 enables unauthorized remote access through improper output escaping in Apache HTTP Server.
- Both vulnerabilities affect SMA 200, 210, 400, 410, and 500v devices, necessitating an update to at least firmware version 10.2.1.14-75sv.
- SonicWall recommends customers examine their SMA devices for unauthorized logins.