Network security provider SonicWall said on Monday that hackers are exploiting a critical zeroday vulnerability in one of the firewalls it sells.
The security flaw resides in the Secure Mobile Access 100 series, SonicWall said in an advisory updated on Monday. The vulnerability, which affects SMA 100 firmware versions 10.x, isn’t slated to receive a fix until the end of Tuesday.
Monday’s update came a day after security firm NCC Group said on Twitter that it had detected “indiscriminate use of an exploit in the wild.” The NCC tweet referred to an earlier version of the SonicWall advisory that said its researchers had “identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable zero-day vulnerabilities on certain SonicWall secure remote access products.”
Read 6 remaining paragraphs | Comments
source https://arstechnica.com/?p=1738904