The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting SonicWall Secure Mobile Access (SMA) 100 Series gateways to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The high-severity vulnerability, tracked as CVE-2021-20035 (CVSS score: 7.2), relates to a case of operating system command injection that could result in code execution.
“Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as a ‘nobody’ user, which could potentially lead to code execution,” SonicWall said in an advisory released in September 2021.
Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.
Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).
➤ Activate Your Coupon Code
The flaw impacts SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500v (ESX, KVM, AWS, Azure) devices running the following versions –
- 10.2.1.0-17sv and earlier (Fixed in 10.2.1.1-19sv and higher)
- 10.2.0.7-34sv and earlier (Fixed in 10.2.0.8-37sv and higher)
- 9.0.0.10-28sv and earlier (Fixed in 9.0.0.11-31sv and higher)
While the exact details surrounding the exploitation of CVE-2021-20035 are presently unknown, SonicWall has since revised the bulletin to acknowledge that “this vulnerability is potentially being exploited in the wild.”
Federal Civilian Executive Branch (FCEB) agencies are required to apply the necessary mitigations by May 7, 2025, to secure their networks against active threats.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
Some parts of this article are sourced from:
thehackernews.com
Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks