SonicWall has confirmed that the actively exploited zero-day vulnerability affects its Secure Mobile Access (SMA) 100 series appliances. The vulnerability was spotted by the NCC Group on Sunday, January 31. SonicWall expects to make a patch available by the end of Tuesday (February 2) and advise customers to enable MFA on SMA 100 series devices if they must continue to use them, and reset user passwords for accounts that utilized the SMA100 series with 10.X firmware. The firm did not outright state it’s likely the same one ‘highly sophisticated threat actors’ used to mount an attack on its internal systems.
Source: https://www.helpnetsecurity.com/2021/02/02/actively-exploited-sonicwall-zero-day-affects-sma-100-series-appliances/