SonicWall on Monday warned of active exploitation attempts against a zero-day vulnerability in its Secure Mobile Access (SMA) 100 series devices.
The flaw, which affects both physical and virtual SMA 100 10.x devices (SMA 200, SMA 210, SMA 400, SMA 410, SMA 500v), came to light after the NCC Group on Sunday alerted it had detected “indiscriminate use of an exploit in the wild.”
Details of the exploit have not been disclosed to prevent the zero-day from being exploited further, but a patch is expected to be available by the end of day on February 2, 2021.
“A few thousand devices are impacted,” SonicWall said in a statement, adding, “SMA 100 firmware prior to 10.x is unaffected by this zero-day vulnerability.”
On January 22, The Hacker News exclusively revealed that SonicWall had been breached as a consequence of a coordinated attack on its internal systems by exploiting “probable zero-day vulnerabilities” in its SMA 100 series remote access devices.
Then last week, on January 29,…