SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models

SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models
Summary: SonicWall has disclosed that two recently patched security vulnerabilities in its SMA100 Secure Mobile Access appliances have been actively exploited. The vulnerabilities, CVE-2023-44221 and CVE-2024-38475, could lead to command injection and unauthorized file access, posing significant risks to affected devices. Users are urged to update their systems and monitor for unauthorized access.

Affected: SonicWall SMA100 Series Devices (including SMA 200, 210, 400, 410, 500v)

Keypoints :

  • Vulnerability CVE-2023-44221 allows command injection via the SMA100 SSL-VPN interface.
  • Vulnerability CVE-2024-38475 enables potential unauthorized access to server file systems.
  • Patch versions for CVE-2023-44221 and CVE-2024-38475 are 10.2.1.10-62sv and 10.2.1.14-75sv or higher, respectively.
  • Urgent review of SMA devices is recommended to check for any unauthorized logins.
  • Recent disclosures follow CISA’s identification of another exploit affecting SonicWall’s SMA 100 Series.

Source: https://thehackernews.com/2025/05/sonicwall-confirms-active-exploitation.html