Your IT Consultant
Information Technology Blog
by John W. Simek, Vice President of Sensei Enterprises, Inc.
SonicWall Users Patch Now!
April 22, 2021
According to a Dark Reading post, SonicWall zero day vulnerabilities are under attack. The vulnerabilities exist in SonicWall Email Security (ES). Security researchers at Mandiant stated, “The adversary leveraged these vulnerabilities, with intimate knowledge of the SonicWall application, to install a backdoor, access files and emails, and move laterally into the victim organization’s network.”
The vulnerabilities impact SonicWall ES and Hosted Email Security versions 10.0.1 and higher. SonicWall has issued patches to address the vulnerabilities so update now. SonicWall advises to update to the 10.0.9.6173 Hotfix for Windows users, and the 10.0.9.6177 Hotfix for hardware and ESXi virtual appliance users. The hosted email product was automatically updated so no further action is needed.