CVE-2021-20016

Confirmed PUBLISHED

A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access...

SonicWall · SonicWall SMA100
Exploited in the wild Used in malware

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
Confirmed
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
In CISA KEV
CVSS / EPSS
9.8 Critical EPSS 40.0%

At a Glance

A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information. This vulnerability impacts SMA100 build version 10.x.

cisa malware ransomware edge
CVE Published
Feb 03, 2021
Exploitation Reported
Nov 03, 2021
CVSS
9.8 Critical
EPSS
40.0%
Remote Low complexity No user interaction Unauthenticated

Affected Versions

Vendor Product Version Status
SonicWall
SonicWall SMA100

SMA100 build version 10.x

Affected

CVE References

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.