![Epic Games Wins Major Victory as Apple is Ordered to Comply With App Store Anti-Steering Injunction [Updated]](https://images.macrumors.com/t/Z4nU2dRocDnr4NPvf-sGNedmPGA=/2250x/article-new/2022/01/iOS-App-Store-General-Feature-JoeBlue.jpg)
![Google Home app fixes bug that repeatedly asked to ‘Set up Nest Cam features’ for Nest Hub Max [U]](https://i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2022/08/youtube-premium-music-nest-hub-max.jpg?resize=1200%2C628&quality=82&strip=all&ssl=1)
.webp?#)
![[The AI Show Episode 145]: OpenAI Releases o3 and o4-mini, AI Is Causing “Quiet Layoffs,” Executive Order on Youth AI Education & GPT-4o’s Controversial Update](https://www.marketingaiinstitute.com/hubfs/ep%20145%20cover.png)
SonicWall OS Command Injection Vulnerability Exploited in the Wild
SonicWall has issued an urgent warning to customers that threat actors are actively exploiting a high-severity command injection vulnerability in its Secure Mobile Access (SMA) appliances. The vulnerability, tracked as CVE-2023-44221, was initially disclosed in December 2023 but has recently been confirmed as being weaponized in real-world attacks. The security flaw, which carries a CVSS […] The post SonicWall OS Command Injection Vulnerability Exploited in the Wild appeared first on Cyber Security News.
SonicWall has issued an urgent warning to customers that threat actors are actively exploiting a high-severity command injection vulnerability in its Secure Mobile Access (SMA) appliances.
The vulnerability, tracked as CVE-2023-44221, was initially disclosed in December 2023 but has recently been confirmed as being weaponized in real-world attacks.
The security flaw, which carries a CVSS score of 7.2, stems from improper neutralizing special elements in the SMA100 SSL-VPN management interface.
When successfully exploited, it allows remote authenticated attackers with administrative privileges to inject arbitrary commands as a ‘nobody’ user, potentially leading to complete system compromise.
SonicWall OS Command Injection
“During further analysis, SonicWall and trusted security partners identified that ‘CVE-2023-44221 – Post Authentication OS Command Injection’ vulnerability is potentially being exploited in the wild,” SonicWall stated in an updated advisory issued on April 30, 2025.
The vulnerability impacts multiple SonicWall products, including SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500v devices running firmware versions 10.2.1.9-57sv and earlier. Organizations using these devices are at significant risk if they haven’t applied the necessary patches released by SonicWall.
Cybersecurity experts recommend immediate action to mitigate the risk. “Given that CVE-2023-44221 allows for OS command injection on affected devices, organizations should prioritize updating to the latest firmware,” said a security researcher familiar with the vulnerability.
SonicWall has released patches to address the vulnerability and strongly advises customers to upgrade to firmware version 10.2.1.14-75sv or later. Additionally, the company recommends that customers “review their SMA devices to ensure no unauthorized logins” have occurred.
To further protect against potential exploitation, security experts recommend implementing multi-factor authentication for all accounts, especially local accounts, resetting passwords of all local accounts on SonicWall SMA firewalls with strong passwords, limiting VPN access to only necessary accounts, and removing or disabling unneeded accounts, including default admin accounts.
This development comes shortly after SonicWall flagged another high-severity vulnerability (CVE-2021-20035) as being actively exploited, highlighting the continued targeting of VPN appliances by threat actors. The vulnerability was discovered and reported by Wenjie Zhong (H4lo) from the Webin lab of DBappSecurity Co., Ltd.
Are you from the SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Start Now for Free.
The post SonicWall OS Command Injection Vulnerability Exploited in the Wild appeared first on Cyber Security News.
