Article Details

SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models. SonicWall has revealed that two now-patched security flaws impacting its SMA100 Secure Mobile Access (SMA) appliances have been exploited in the wild. The vulnerabilities in question are listed below - Both the flaws affect SMA 100 Series devices, including SMA 200, 210, 400, 410, 500v, and were addressed in the following versions - In an update to the advisories on April 29, 2025, SonicWall said the vulnerabilities are potentially being exploited in the wild, urging customers to review their SMA devices to ensure that there are no unauthorized logins. "During further analysis, SonicWall and trusted security partners identified an additional exploitation technique using CVE-2024-38475, through which unauthorized access to certain files could enable session hijacking," the company said. There are currently no details on how the vulnerabilities are being exploited, who may have been targeted, and the scope and scale of these attacks. The disclosures come weeks after the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added another security flaw impacting SonicWall SMA 100 Series gateways (CVE-2021-20035, CVSS score: 7.2) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.