A SonicWall SMA 100 zero-day vulnerability is being actively exploited in the wild, according to a tweet by cybersecurity firm NCC Group. SonicWall has confirmed the vulnerability and is working on a patch to be released by the end of the day tomorrow. Administrators need to enable multi-factor authentication (MFA) on the devices and recommend setting up IP address restrictions to the management interface. A patch will be available on February 2, 2021 and SonicWall recommends customers perform a downgrade of their devices to use 9.x firmware.
Source: https://www.bleepingcomputer.com/news/security/sonicwall-sma-100-zero-day-exploit-actively-used-in-the-wild/