Cybersecurity specialists report that hacking groups are actively exploiting CVE-2021-20038, a severe vulnerability in SonicWall Secure Mobile Access (SMA) gateways, fixed in late 2021. The flaw was described as an unauthenticated stack-based buffer overflow residing in the SMA 100 Series devices (including SMA 200, 210, 400, 410 and 500v).

Threat actors can exploit the flaw for remote code execution (RCE) as the “nobody” user on compromised SonicWall devices. A few weeks ago, the company asked customers using SMA 100 Series devices to apply security patches containing the necessary fixes to prevent the exploitation of some recently reported flaws.

According to the report, the most severe flaws are two stack-based buffer overflow errors tracked as CVE-2021-20038 and CVE-2021-20045; threat actors could exploit these flaws to execute code as the “nobody” user on the affected systems.

The flaws were actively exploited before SonicWall could address them, so it’s critical that users apply the patches.

Specialists also warned about some password spraying attacks in which cybercriminals try to access devices that use default passwords. The good news is that the attacks detected so far do not appear to be the result of a massive campaign, so it is believed that these are only isolated incidents.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.

The post Threat actors are actively exploiting a critical vulnerability, CVE-2021-20038, in SonicWall Secure Mobile Access (SMA) gateways. Update immediately appeared first on Information Security Newspaper | Hacking News.


You May Also Like

Expert shows how easy it is to hack apple pay and Samsung tap. They can empty bank accounts

Timur Yunosov is a Russian cybersecurity researcher specializing in mobile security and…

3 critical vulnerabilities in SonicWall SMA 1000 SSLVPN affect over 500k companies

In a security alert, SonicWall has strongly urged its customers to address…

Critical zero-day vulnerability in Windows 10 that allows local privilege escalation to admin: Exploit code published

Cybersecurity specialists recently published an exploit for a local privilege escalation vulnerability…

Philips Interoperability Solution has a clear text transmission vulnerability that can cause medical records data breach in hospitals worldwide. Patch now

Cybersecurity specialists reported the finding of a critical vulnerability in Interoperability Solution…