Exclusive: SonicWall Hacked Using 0-Day Bugs In Its Own VPN Product

Technology

SonicWall, a popular internet security provider of firewall and VPN products, on late Friday disclosed that it fell victim to a coordinated attack on its internal systems.

The San Jose-based company said the attacks leveraged zero-day vulnerabilities in SonicWall secure remote access products such as NetExtender VPN client version 10.x and Secure Mobile Access (SMA) that are used to provide users with remote access to internal resources.

“Recently, SonicWall identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable zero-day vulnerabilities on certain SonicWall secure remote access products,” the company exclusively told The Hacker News.

password auditor

The development comes after The Hacker News received reports that SonicWall’s internal systems went down earlier this week on Tuesday and that the source code hosted on the company’s GitLab repository was accessed by the attackers.

SonicWall wouldn’t confirm the reports beyond the statement, adding it would provide additional updates as more information becomes available.

The complete list of affected products include:

  • NetExtender VPN client version 10.x (released in 2020) utilized to connect to SMA 100 series appliances and SonicWall firewalls
  • Secure Mobile Access (SMA) version 10.x running on SMA 200, SMA 210, SMA 400, SMA 410 physical appliances, and the SMA 500v virtual appliance

The company said its SMA 1000 series is not susceptible to the zero-days and that it utilizes clients different from NetExtender.

It has also published an advisory urging organizations to enable multi-factor authentication, disable NetExtender access to the firewall, restrict access to users and admins for public IP addresses, and configure whitelist access on the SMA directly to mitigate the flaws.

With a number of cybersecurity vendors such as FireEye, Microsoft, Crowdstrike, and Malwarebytes becoming targets of cyberattacks in the wake of SolarWinds supply chain hack, the latest breach of SonicWall raises significant concerns.

“As the front line of cyber defense, we have seen a dramatic surge in cyberattacks on governments and businesses, specifically on firms that provide critical infrastructure and security controls to those organizations,” SonicWall said.

(This is a developing story. We will update it as and when more updates are available.)

Products You May Like

Articles You May Like

Samsung Announces Discounts on Galaxy Watch Ultra, Galaxy Watch 7, Galaxy Buds 3 Series, More
Congress avoids a shutdown but leaves ‘a big mess’ for Trump and Republicans in 2025 – NBC Los Angeles
Jujutsu Kaisen Reveals Gojo’s Past Arc Film’s Release Date
Why the Dow is in such a historic funk and how concerned you should be
‘Murder hornet’ eradicated from the US, officials announce – NBC Los Angeles