Firewalls and VPN solutions maker SonicWall last month confirmed the presence of zero-day vulnerability in its SMA 100 product code. Soon, security experts from the NCC Group reported that they had recorded attempts to exploit the vulnerability in real attacks. On February 3, Sonicwall released a fix for the zero-day vulnerability and strongly encouraged all users to install it. The company has now released a second firmware update, adding additional security measures.

“Following up on the February 3 firmware update, SonicWall is announcing the availability of new firmware versions for both 10.x and 9.x code on the SMA 100 series products, including SMA 200, 210, 400, 410 and SMA 500v virtual appliance (Azure, AWS, ESXi, HyperV). SonicWall has conducted additional reviews to further strengthen the code for the SMA 100 series product line, ” the experts said.

While SonicWall does not describe what specific fixes are included in this update, the company emphasizes that all users should immediately update their devices.

Source: securitylab.ru