CISA is aware of three vulnerabilities affecting SonicWall Email Security products: [CVE-2021-20021](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20021 >), [CVE-2021-20022](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20022 >), and [CVE-2021-20023](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20023>). A remote attacker could exploit these vulnerabilities to take control of an affected system. According to SonicWall, "In at least one known case, these vulnerabilities have been observed to be exploited ‘in the wild.’" CISA encourages users and administrators to review the SonicWall [security advisory](<https://www.sonicwall.com/support/product-notification/security-notice-sonicwall-email-security-zero-day-vulnerabilities/210416112932360/ >) and apply the necessary update as soon as possible. Note: SonicWall released patches for CVE-2021-20021 and CVE-2021-20022 on April 9, 2021, and for CVE-2021-20023 on April 20, 2021. This product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy. **Please share your thoughts.** We recently updated our anonymous [product survey](<https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ncas/current-activity/2021/04/21/sonicwall-releases-patches-email-security-products>); we'd welcome your feedback.
SonicWall Email Security 10.0.x < 10.0.9.6173 / 6177 Multiple Vulnerabilities
Zero-Day Exploits in SonicWall Email Security Lead to Enterprise Compromise
Check Your Pulse: Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day
HelloKitty is launching a DDoS attack by exploiting known vulnerabilities
SonicWall Email Security Directory Traversal (CVE-2021-20023)
SonicWall Email Security Arbitrary File Upload (CVE-2021-20022)
SonicWall Email Security Privilege Escalation (CVE-2021-20021)