The US Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added security flaws affecting the SonicWall Secure Mobile Access (SMA) 100 Series Gateways based on evidence of active exploitation in its known exploited vulnerabilities (KEV) catalog.
The high-strength vulnerability tracked as CVE-2021-20035 (CVSS score: 7.2) is related to the case of operating system command injections that can lead to code execution.
“Improper neutralization of special elements in the SMA100 management interface allows remote authentication attackers to inject arbitrary commands as “no one” users.” This could lead to code execution.”
The defect affects SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500V (ESX, KVM, AWS, AZURE) devices.
10.2.1.0-17SV before (fixed at 10.2.1.1-19SV or higher) 10.2.0.7-34SV and early (fixed at 10.2.0.8-37SV or higher) 9.0.0.0.10-28SV or higher (fixed at 9.0.0.11-31SV or higher)
The exact details surrounding CVE-2021-20035’s exploitation are currently unknown, but Sonic Wall has since corrected the bulletin to admit that “the vulnerability could be exploited in the wild.”
Federal Civil Enforcement Division (FCEB) agencies must apply the necessary mitigations by May 7, 2025 to ensure their networks are secured against aggressive threats.
Source link
