Sonic Wall, a cyber security company, says that hackers are divided into customer corporate networks by utilizing the newly discovered vulnerabilities in one of the enterprise products.
SonicWall is a device without a device on the Internet, with the vulnerability of the SMA1000 Remote Access Appliance used by companies so that employees can log in to corporate networks as if they were in the office. In advice, he said in advisory with advice that he could plant malware. You need a system login.
The vulnerability tracked as CVE-2025-23006 was discovered by Microsoft and shared last week with SonicWall. Subscribed posts show that Sonic Wall has said that vulnerabilities have been “confirmed that they are being actively exploited in the wild,” and that some Sonic Wall corporate customers have been hacked. The bug is known as a zero day because Sonic Wall was misused before the time to provide the customer correction.
When TechnicWall and Microsoft were contacted by Techcrunch, both the number of networks that infringed on the network by attacking, but patches on the system affected by the customer by installing the security hot fix released by SonicWall. Conditioned to apply.
According to SHODAN's search results shared by Bleeping Computer, thousands of companies with thousands of SMA 1000 appliances are exposed to the Internet, and many companies with systems that are not at risk of attack are more risky.
Malicious hackers are increasingly targeting corporate cyber security products such as firewalls, remote access tools, and VPN products. These devices are on the border of corporate networks and protect them to prevent intruders from illegal access. However, they also tend to contain software bugs that can disable security protection, so that hackers can compromise on the networks that have protected these devices.
In recent years, some of the largest manufacturers of corporate cyber security products, including Barracuda, Cisco, Citrix, Forty Net, Ivanti, and Paralt Network, have revealed zero -day attacks for customers. 。
According to the US Cyber Security Agency CISA, the top of the vulnerability, which was the most commonly exploited in 2023, was discovered in enterprise products developed by Citrix, Cisco, and Fortinet, and the hackers are “high -priority goals”. It was used to operate on.