
Cybercrime, companies worldwide targeted via SonicWall critical bugs

Companies worldwide are being targeted by cybercrime actors via SonicWall critical bugs. BleepingComputer cybersecurity experts: threat actors exploit CVE-2021-20038 to execute code as the ‘nobody’ user on compromised appliances.

Cybercrime actors are targeting companies worldwide via SonicWall critical bugs, according to BleepingComputer cybersecurity experts. The flaw, found by Rapid7 Lead Security Researcher Jacob Baines, is an unauthenticated stack-based buffer overflow tracked as CVE-2021-20038. It impacts SMA 100 series appliances (including SMA 200, 210, 400, 410, and 500v) even when the web application firewall (WAF) is enabled. Successful exploitation can let remote unauthenticated attackers execute code as the ‘nobody’ user on compromised SonicWall appliances. The company released security updates last December, but threat actors are now attempting to exploit the vulnerability in the wild. They are also trying to brute force their way in by password spraying known default passwords for SonicWall appliances.
