image credit: Freepik

SonicWall Email Security zero-days need urgent patch

April 21, 2021

Users of SonicWall Email Security are being urged to patch a series of three critical zero-days that were first identified almost a fortnight ago, but are likely to have been exploited in the wild since March and are only now beginning to be publicised, leading to questions for the firm.

The three vulnerabilities have been assigned CVE-2021-20021, CVE-2021-20022 and CVE-2021-20023 and exist in various versions of SonicWall’s Email Security product as listed by the supplier in its advisory. The vulnerabilities also exist in some versions of the product that have been end-of-lifed and are no longer receiving support – for legacy users, SonicWall is urging a full upgrade.

Read More on Computer Weekly