Summary: SonicWall has issued a warning regarding the active exploitation of two critical vulnerabilities affecting its Secure Mobile Access (SMA) 100 Series products. The vulnerabilities—CVE-2023-44221 and CVE-2024-38475—pose significant security risks, necessitating urgent updates to address these issues. Affected: SonicWall’s SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500v secure remote access products.
Keypoints :
- The vulnerabilities include an OS command injection bug (CVE-2023-44221) with a CVSS score of 7.2, and a critical path traversal flaw (CVE-2024-38475) in Apache HTTP Server, with a CVSS score of 9.8.
- Exploitation of CVE-2023-44221 requires administrative privileges, while CVE-2024-38475 can be exploited remotely without authentication.
- Both vulnerabilities have been confirmed to be exploited in the wild, and SonicWall has recommended customers update to the latest software versions to secure their devices.
- SonicWall recently updated its advisories, indicating these flaws and a previous vulnerability (CVE-2021-20035) have all been targeted in attacks.
- The US cybersecurity agency CISA has listed the CVE-2021-20035 vulnerability in its Known Exploited Vulnerabilities (KEV) catalog.
Read More: https://www.securityweek.com/sonicwall-flags-two-vulnerabilities-as-exploited/