US government flags worrying SonicWall flaw, so update now

US government flags worrying SonicWall flaw, so update now

SonicWall updates its security advisory, and CISA added the flaw to KEV.

Older SonicWall SMA100 vulnerability exploited in the wild

CISA added the high-severity flaw, initially disclosed in 2021, to its known exploited vulnerabilities catalog this week.

CISA tags SonicWall VPN flaw as actively exploited in attacks

On Wednesday, CISA warned federal agencies to secure their SonicWall Secure Mobile Access (SMA) 100 series appliances against attacks exploiting a high-severity remote code execution vulnerability.

Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035) - Help Net Security

CVE-2021-20035, an old vulnerability affecting Sonicwall Secure Mobile Access (SMA) 100 series appliances, is being exploited by attackers.

Credential Access Campaign Targeting SonicWall SMA Devices Potentially Linked to Exploitation of CVE-2021-20035

On April 15, 2025, SonicWall published a product notice regarding CVE-2021-20035, a vulnerability impacting SonicWall SMA 100 series appliances. In an updated security advisory for the vulnerability, SonicWall indicated …

Currently, attacks on old vulnerabilities occur in Sonicwall's firmware for SMA100 series devices.