SonicWall Network Kit Abused in Network Compromise Attacks

• The comparison
• Tutorials
• SonicWall Network Kit Abused in Network Compromise Attacks

Security firm NCC Group believes it has identified an active exploit involving a SonicWall zero-day vulnerability that was exposed last week. The company has not revealed the exact details of the exploit, as it could lead to further attacks. "In SonicWall's opinion...we have identified and demonstrated the exploitability of a potential candidate for the described vulnerability and have forwarded details to SonicWall; we have also seen indications of indiscriminate use of an exploit in the wild - please refer to the logs", says NCC in a tweet. SonicWall has not confirmed whether the exploit discovered by NCC researchers involved any of the vulnerabilities disclosed last week. Until more information is released, NCC has advised that owners of vulnerable SonicWall devices cited in the company's recent security advisory should limit the IP addresses allowed to access the management interface to those associated with authorized personnel.

Unconfirmed exploits

SonicWall recently warned its customers that a zero-day vulnerability had been discovered affecting several of its VPN products. However, upon further investigation, the number of affected devices has been significantly reduced. However, SonicWall has admitted to the unconfirmed presence of a zero-day vulnerability affecting its SMA 100 series, a range of network devices used to provide remote employees with access to internal networks, something that has become increasingly necessary. with COVID-19 restrictions still in place. place for many companies. SonicWall continues to investigate potential vulnerabilities and reminded users of the importance of installing the latest security updates to ensure protection against cybersecurity threats. The company added that many of the shared proof-of-concept exploits are not possible if fixes released in 2015 are installed. Via ZDNet