Cyber security company Sonicwall has warned customers that many weaknesses affecting its safe mobile access (SMA) equipment are now being actively exploited in attacks.
On Tuesday, Sonicwall updated security advice Cve-2023-44221 And Cve-2024-38475 Security is to tag the two weaknesses as “potentially being exploited in the wild”.
The CVE-2023-44221 is described as the SSL-VPN management interface described as the high-severity command injection vulnerability due to the inappropriate neutrality of special elements that enable the attackers to inject the arbitrary command as a “no” user.
Second has been rated as a significant severity defect due to avoiding the output in the mod_rewrite, the second security bug, CVE-2024-38475, Apache HTTP Server 2.4.59 and before and before. Successful exploitation may allow informal, remote attackers to obtain code execution to obtain code execution by maping the URL at system locations allowed to serve by the successful exploitation server.
Two weaknesses affect SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500V devices and the firmware versions are 10.2.1.1.14-75SV and are patched later.
“During further analysis, Sonicwall and reliable security partners identified an additional exploitation technique using CVE-2024-38475, through which unauthorized access sessions to certain files can enable kidnapping,” Sonicwall warns In an updated advisor.
“During further analysis, Sonicwall and Trusted Safety Partners identified that ‘CVE-2013-44221- Post Authentication OS Command Injection’ Gully is probably being exploited in the wild,” This added“Sonicwall Psirt recommends reviewing your SMA devices to ensure any unauthorized login.”
Earlier this month, the company flagged off another high-seriousness defect about four years ago. Cve-2021-20035 As the Sma100 VPN devices have been actively exploited in distance code execution attacks targeting devices. A day later, Cyber Security Company Arctic Wolf stated that CVE-2021–20035 was under active exploitation since at least January 2025.
Sisa too Safety bugs added For Known exploitative weaknesses catalogOrder American federal agencies to secure their network against the ongoing attacks.
In January, Sonicwall urged to patch a significant defect in the Sma1000 safe access gateway, which was being exploited in zero-day attacks, and a month later a month later a warning of an actively exploited disciplined bypass defect in the gene 6 and General 7 Firewalls allows hackers to allow VPN sessions.
