SonicWall Hacked Using 0-Day in its Own VPN Product


Staff member
Malware Hunter
Jul 27, 2015
SonicWall, a popular internet security provider of firewall and VPN products, on late Friday disclosed that it fell victim to a coordinated attack on its internal systems.

The San Jose-based company said the attacks leveraged zero-day vulnerabilities in SonicWall secure remote access products such as NetExtender VPN client version 10.x and Secure Mobile Access (SMA) that are used to provide users with remote access to internal resources. "Recently, SonicWall identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable zero-day vulnerabilities on certain SonicWall secure remote access products," the company exclusively told The Hacker News.


Level 75
Content Creator
Malware Hunter
Aug 17, 2014
Today, SonicWall has released an SMA 100 series firmware update that fixes the actively exploited zero-day vulnerability in the SMA 100 series of devices. "All SMA 100 series users must apply this patch IMMEDIATELY to avoid potential exploitation," SonicWall says.
Impacted SMA 100 devices running affected 10.x firmware and requiring this critical patch include:
  • Physical Appliances: SMA 200, SMA 210, SMA 400, SMA 410
  • Virtual Appliances: SMA 500v (Azure, AWS, ESXi, HyperV)