3 Zero-Day Exploits Hit SonicWall Enterprise Email Security Appliances

21 April 2021

SonicWall has addressed three critical security vulnerabilities in its hosted and on-premises email security (ES) product that are being actively exploited in the wild. Tracked as CVE-2021-20021 and CVE-2021-20022, the flaws were discovered and reported to the company by FireEye’s Mandiant subsidiary on March 26, 2021, after the cybersecurity firm detected post-exploitation web shell activity on an internet-accessible system within a customer’s environment that had SonicWall’s Email Security (ES) application running on a Windows Server 2012 installation.

Read full article on The Hacker News

Date:

21 April 2021

Categorie(s):

NEWS

Tag(s):

Appliances, Security Pro, SonicWall, Vulnerability, Zero Days

Hackers Target Middle East Governments with Evasive “CR4T” Backdoor19 April 2024
6 Surprising Ways Hackers Can Exploit Your Smart Home Devices19 April 2024
Protobom: Open-source software supply chain tool19 April 2024
The key pillars of domain security19 April 2024
Fraudsters abused Apple Stores’ third-party pickup policy to phish for profits19 April 2024