SonicWall has alerted customers that two vulnerabilities in its Secure Mobile Access (SMA) appliances are being actively exploited. The vulnerabilities, CVE-2023-44221 and CVE-2024-38475, allow for command injection and unauthorized code execution, respectively, and affect several SMA device models. Users are urged to update to the latest firmware to mitigate risks and review their systems for unauthorized access.