Attackers Exploit SonicWall SMA Appliances Vulnerability Since January 2025

Since January 2025, malicious actors have been actively exploiting a remote code execution vulnerability in SonicWall Secure Mobile Access (SMA) appliances. Researchers from Arctic Wolf reported that this vulnerability, listed under the number CVE-2021-20035 with a CVSS score of 7.1, has been exploited since at least January 2025. The flaw involves an OS command in SonicWall SMA appliances.