Cyber-security firm the NCC Group said on Sunday that it detected active exploitation attempts against a zero-day vulnerability in SonicWall networking devices.
Details about the nature of the vulnerability have not been made public to prevent other threat actors from studying it and launching their own attacks.
“We’ve seen it used by a single threat actor earlier in the week. We were just standing the honeypot up at the time so didn’t get the full request,” Rich Warren, a security researcher for the NCC Group, told ZDNet.
The January 23 zero-day impacted Secure Mobile Access (SMA) gateways, a type of networking device that is used inside government and enterprise networks to provide access to resources on intranets to remote employees. SonicWall listed SMA 100 Series devices as impacted by the January 23 zero-day.