Today CISA added an OS command injection vulnerability in the SonicWall SMA100 Appliances to their Known Exploited Vulnerabilities (KEV) catalog. SonicWall previously disclosed this vulnerability and updated their advisory on Tuesday to note that:
“During further analysis, SonicWall and trusted security partners identified that 'CVE-2023-44221 - Post Authentication OS Command Injection' vulnerability is potentially being exploited in the wild.”
The vulnerability was originally reported by Wenjie Zhong (H4lo) of Webin lab of DBappSecurity. SonicWall reported in 2023 that they had a new version available that mitigated the vulnerability. There are no publicly available exploits reported at NVD.NIST.gov for the vulnerability.
CISA has directed federal agencies using SMA100 Appliances (which includes SMA 200, 210, 400, 410, 500v, according to SonicWall) to apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. The deadline for accomplishing this has been set as May 22nd, 2025.