SonicWall has patched three zero-day vulnerabilities in the hosted and on-premises versions of its Email Security product. Vulnerabilities could be used to access email, pivot further into victims’ systems, the security firm says. FireEye Mandiant, which uncovered the flaws, says it has seen attackers using the flaws to place web shells, or remote access scripts, on systems. The vulnerable software includes both. Email Security versions 10.0.1 and up, according to a SonicWall advisory.”]
Source: https://www.cuinfosecurity.com/sonicwall-patches-3-zero-day-flaws-a-16439