SonicWall Snafu: Urgent Patch Alert as Hackers Exploit SMA 100 Flaws for Full System Takeover

watchTowr reveals active exploitation of SonicWall SMA 100 vulnerabilities, potentially leading to full system takeover and session hijacking. The flaws, CVE-2024-38475 and CVE-2023-44221, are a hacker’s dream team for chaos. Businesses, patch up faster than you can say “security breach!” CISA is urging immediate action.

3P
Published: May 3, 2025 9:32 pmAdded: May 3, 2025 at 2:42 pmAssembled by: The Editor
Pro Dashboard

Hot Take:

Oh SonicWall, we thought you were supposed to be a firewall, not a bridge for hackers to come strolling in like it’s their birthday! With vulnerabilities that allow a full system takeover, it’s like handing the keys to the kingdom to the bad guys. Just imagine hackers lounging in your network like it’s their personal man cave. Time to patch it up faster than a leaky roof in a rainstorm!

Key Points:

  • SonicWall SMA 100 vulnerabilities (CVE-2024-38475 & CVE-2023-44221) are actively exploited.
  • The vulnerabilities can lead to full system takeover and session hijacking.
  • Models affected include SMA 200, 210, 400, 410, and 500v.
  • Patches released for the vulnerabilities in December 2023 and 2024.
  • CISA has issued an urgent warning and mandated patch application by May 22, 2025.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?