(WORLDWIDE) JUST IN: SonicWall on Monday warned of active exploitation attempts against a zero-day vulnerability in its Secure Mobile Access (SMA) 100 series devices #AceSecurityDesk report

#AceSecurityReport- Feb.02: Details of the exploit have not been disclosed to prevent the zero-day from being exploited further, but a patch is expected to be available by the end of day on February 2, 2021:

Hackers Exploiting Critical Zero-Day Bug in SonicWall SMA 100 Devices & a few thousand devices are impacted,” SonicWall said in a statement, adding, “SMA 100 firmware prior to 10.x is unaffected by this zero-day vulnerability.”

On January 22, The Hacker News exclusively revealed that SonicWall had been breached as a consequence of a coordinated attack on its internal systems by exploiting “probable zero-day vulnerabilities” in its SMA 100 series remote access devices.

Then last week, on January 29, it issued an update stating it had so far only observed the use of previously stolen credentials to log into the SMA 100 series appliances.

While SonicWall has not shared many details about the intrusion citing the ongoing investigation, the latest development points to evidence that a critical zero-day in the SMA 100 series 10.x code may have been exploited to carry out the attack.

SonicWall is internally tracking the vulnerability as SNWLID-2021-0001.

The company said SonicWall firewalls and SMA 1000 series appliances, as well as all respective VPN clients, are unaffected and that they remain safe to use: In the interim, the company recommends customers enable multi-factor authentication (MFA) and reset user passwords for accounts that utilize the SMA 100 series with 10.X firmware.

” If the SMA 100 series (10.x) is behind a firewall, block all access to the SMA 100 on the firewall,” the company said: Users also have the option of shutting down the vulnerable SMA 100 series devices until a patch is available or load firmware version 9.x after a factory default settings reboot:

#AceSecurityDesk report …….Published: Feb.02: 2021:

Editor says #AceNewsDesk reports by https://t.me/acenewsdaily and all our posts, also links can be found at here for Twitter and Live Feeds https://acenewsroom.wordpress.com/ and thanks for following as always appreciate every like, reblog or retweet and free help and guidance tips on your PC software or need help & guidance from our experts AcePCHelp.WordPress.Com