
SonicWall Confirms Active Exploitation of Patched Vulnerabilities in SMA100 Appliances

SonicWall has confirmed that two previously patched security vulnerabilities affecting its SMA100 Secure Mobile Access (SMA) appliances are currently being exploited in real-world attacks.

The two vulnerabilities are:

  • CVE-2023-44221 (CVSS 7.2): A command injection flaw in the SSL-VPN management interface of the SMA100, which allows remote authenticated attackers with administrative privileges to inject arbitrary commands executed as the ‘nobody’ user.
  • CVE-2024-38475 (CVSS 9.8): An output escaping issue in Apache HTTP Server’s mod_rewrite (version 2.4.59 and earlier), enabling attackers to map URLs to unauthorized file system locations, potentially leading to file exposure or access.

These issues affect devices in the SMA 100 Series lineup, including models SMA 200, 210, 400, 410, and 500v. SonicWall fixed them in the following versions:

  • CVE-2023-44221 was resolved in version 10.2.1.10-62sv and later (released December 4, 2023).
  • CVE-2024-38475 was addressed in version 10.2.1.14-75sv and later (released December 4, 2024).

In a security advisory update on April 29, 2025, SonicWall urged customers to inspect their SMA devices for signs of unauthorized access. The company noted that further investigation revealed a new exploitation technique involving CVE-2024-38475 that could lead to session hijacking through unauthorized file access.

At this time, SonicWall has not disclosed specific details about the methods used to exploit these flaws, the identities of the attackers, or the extent of the impact.

This alert follows recent action by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), which added another SonicWall SMA 100 Series vulnerability—CVE-2021-20035 (CVSS 7.2)—to its Known Exploited Vulnerabilities (KEV) catalog due to confirmed active exploitation.

SonicWall advises all users to update their devices to the latest firmware versions and to monitor for unusual activity.
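
One way to check an appliance inventory against the two fixed-in versions listed above, as an added example that is not SonicWall's own tooling. The version-string format (dotted release, dash, build number, `sv` suffix), the numeric comparison, and the inventory hostnames and installed versions are assumptions constructed for illustration.

```python
import re

# Fixed-in versions exactly as stated in the article.
FIXED_IN = {
    "CVE-2023-44221": "10.2.1.10-62sv",
    "CVE-2024-38475": "10.2.1.14-75sv",
}

# Assumed format: dotted release, a dash, a build number, then "sv".
_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)-(\d+)sv$")


def parse_version(text):
    """'10.2.1.14-75sv' -> ((10, 2, 1, 14), 75), compared numerically.

    Plain string comparison would rank '10.2.1.9' above '10.2.1.10'.
    """
    match = _VERSION_RE.match(text.strip())
    if not match:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    release = tuple(int(part) for part in match.group(1).split("."))
    return release, int(match.group(2))


def missing_fixes(version):
    """Return the CVEs whose fixed-in version is newer than `version`."""
    installed = parse_version(version)
    return sorted(cve for cve, fixed in FIXED_IN.items()
                  if installed < parse_version(fixed))


def audit(inventory):
    """Map each host to its missing fixes; unparseable versions are flagged."""
    report = {}
    for host, version in inventory.items():
        try:
            report[host] = missing_fixes(version)
        except ValueError:
            report[host] = ["UNKNOWN-VERSION"]  # needs manual review
    return report


if __name__ == "__main__":
    # Constructed inventory: hostnames and installed versions are made up.
    sample = {
        "sma-a.example.internal": "10.2.1.9-57sv",
        "sma-b.example.internal": "10.2.1.13-72sv",
        "sma-c.example.internal": "10.2.1.14-75sv",
        "sma-d.example.internal": "not reported",
    }
    for host, gaps in audit(sample).items():
        print(host, "OK" if not gaps else ", ".join(gaps))
```

A host with no missing fixes can still have been accessed before it was patched, so this check complements the log review SonicWall asks for rather than replacing it.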
