#SonicWall corrigió tres #vulnerabilidades críticas en dispositivos #SMA 100 que permiten a los #hackers ejecutar código como root
https://blogs.masterhacks.net/noticias/hacking-y-ciberdelitos/sonicwall-corrigio-3-vulnerabilidades-en-dispositivos-sma-100-que-permiten-a-los-hackers-ejecutar-codigo-como-root/

#BSI WID-SEC-2025-1054: [NEU] [mittel] #SonicWall #SMA: Schwachstelle ermöglicht Manipulation

Ein entfernter, anonymer Angreifer kann eine Schwachstelle in SonicWall SMA ausnutzen, um Daten zu manipulieren.

https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1054

#SonicWall corrigió tres #vulnerabilidades críticas en dispositivos #SMA 100 que permiten a los #hackers ejecutar código como root
https://blogs.masterhacks.net/noticias/hacking-y-ciberdelitos/sonicwall-corrigio-3-vulnerabilidades-en-dispositivos-sma-100-que-permiten-a-los-hackers-ejecutar-codigo-como-root/

SonicWall just patched 3 serious SMA 100 flaws. If chained, they grant root RCE. One (CVE-2025-32819) bypasses an old patch and could be an active zero-day. Update to 10.2.1.15-81sv fast. #SonicWall #CyberSecurity #PatchNow

SonicWall Secure Mobile Access (SMA) vulnerabilities are actively exploited

Vulnerabilities: Path traversal allowing write access, command injection

Impact: Chain the vulnerabilities to achieve remote code execution

CVE: CVE-2025-32819, CVE-2025-32820, CVE-2025-32821

Remediation: Upgrade to firmware version 10.2.1.15-81sv or higher, check logs for unauthorized access, and enable MFA and web application firewall.

#cybersecurity #SonicWall #vulnerabilitymanagement

https://www.bleepingcomputer.com/news/security/sonicwall-urges-admins-to-patch-vpn-flaw-exploited-in-attacks/

#SonicWall has urged its customers to patch three security vulnerabilities affecting its Secure Mobile Access (SMA) appliances, one of them tagged as exploited in attacks.
#CyberSecurity https://www.bleepingcomputer.com/news/security/sonicwall-urges-admins-to-patch-vpn-flaw-exploited-in-attacks/

SonicWall releases patches for critical VPN flaws allowing root code execution; update immediately. #SonicWall #Cybersecurity #VPN

More details: https://www.helpnetsecurity.com/2025/05/08/sonicwall-sma100-vulnerability-exploited-cve-2025-32819 - https://www.flagthis.com/news/14682

#SonicWall fixed #SMA 100 flaws that could be chained to execute arbitrary code
https://securityaffairs.com/177626/hacking/sonicwall-fixed-sma-100-flaws-that-could-be-chained-to-execute-arbitrary-code.html
#securityaffairs #hacking

#SonicWall fixed #SMA 100 flaws that could be chained to execute arbitrary code
https://securityaffairs.com/177626/hacking/sonicwall-fixed-sma-100-flaws-that-could-be-chained-to-execute-arbitrary-code.html
#securityaffairs #hacking

Urgent: Patch SonicWall SMA VPN flaws NOW to prevent active exploitation and remote code execution. #SonicWall #Cybersecurity #VPN

More details: https://securityonline.info/multi-vulnerabilities-found-in-sonicwall-sma-100-series-prompt-urgent-security-update - https://www.flagthis.com/news/14661

#SonicWall urges admins to patch #VPN flaw exploited in attacks

https://www.bleepingcomputer.com/news/security/sonicwall-urges-admins-to-patch-vpn-flaw-exploited-in-attacks/

#cybersecurity

#BSI WID-SEC-2025-0984: [NEU] [hoch] #SonicWall #SMA: Mehrere Schwachstellen

Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in SonicWall SMA ausnutzen, um Sicherheitsvorkehrungen zu umgehen oder beliebigen Programmcode auszuführen.

https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0984

SonicWall’s new advisory is a wake-up call—attackers can now use a VPN flaw to hijack admin rights and even run commands as root. Are your systems patched yet? Stay one step ahead before it's too late.

https://thedefendopsdiaries.com/understanding-sonicwalls-critical-vpn-vulnerabilities-and-how-to-protect-your-systems/

#sonicwall
#vpnvulnerability
#cybersecurity
#patchmanagement
#infosecurity

watchTowr Warns of Active Exploits Targeting SonicWall SMA 100 Devices Using CVE-2024-38475 and CVE-2023-44221.

Read: https://hackread.com/watchtowr-exploits-target-sonicwall-sma-100-devices/

#CyberSecurity #Vulnerability #SonicWall #CyberAttack

Heads up SonicWall SMA100 admins: Two patched vulns CVE-2023-44221/CVE-2024-38475 are actively exploited in the wild. Attackers chain them for system access. Update ASAP & check for suspicious activity.

#SonicWall #CyberSecurity #PatchNow

SonicWall SMA appliances are under active attack; update immediately to patch critical vulnerabilities. #SonicWall #Cybersecurity #Vulnerability

More details: https://www.bleepingcomputer.com/news/security/sonicwall-sma100-vpn-vulnerabilities-now-exploited-in-attacks/ - https://www.flagthis.com/news/14238

#patchen!

Ältere #Sicherheitslücken geraten in den Fokus von Angreifern.

Aufgrund von laufenden Attacken sollten Admins ihre #Fernwartungslösungen der #SMA-Serie von #Sonicwall umgehend auf den aktuellen Stand bringen.

Angreifer haben zurzeit zwei ältere Sicherheitslücken in Sonicwall-Fernwartungslösungen der Secure-Mobile-Access-Serie (SMA) im Visier. Sicherheitspatches sind schon länger verfügbar, aber offensichtlich sind sie bisher nicht flächendeckend installiert.

https://www.heise.de/news/Jetzt-patchen-Angreifer-setzen-erneut-an-aelteren-Sonicwall-Luecken-an-10369484.html

U.S. #CISA adds #SonicWall SMA100 and #Apache HTTP Server flaws to its Known Exploited Vulnerabilities catalog
https://securityaffairs.com/177301/hacking/u-s-cisa-adds-sonicwall-sma100-and-apache-http-server-flaws-to-its-known-exploited-vulnerabilities-catalog.html
#securityaffairs #hacking

#SonicWall: #SMA100 #VPN vulnerabilities now exploited in attacks

https://www.bleepingcomputer.com/news/security/sonicwall-sma100-vpn-vulnerabilities-now-exploited-in-attacks/

#cybersecurity

CISA Adds SonicWall Vulnerability to KEV Catalog – 5-1-25 – https://tinyurl.com/yb4dsuuk #KEV #SonicWall