We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.
Customize Consent Preferences
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ...
Always Active
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
No cookies to display.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.
No cookies to display.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
No cookies to display.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
No cookies to display.
Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.
SonicWall has released an Critical advisory urging administrators to address a critical vulnerability in its SSL-VPN product.
The flaw, identified as CVE-2024-53704, poses a significant security risk, allowing attackers to exploit the system remotely. Administrators are strongly encouraged to update their systems immediately to mitigate potential threats. SonicWall has released an Critical advisory urging administrators to address a critical vulnerability in its SSL-VPN product.
Key Details:
The vulnerability allows unauthenticated remote attackers to execute arbitrary code on affected systems.
It impacts SonicWall’s SSL-VPN products, widely used for secure remote access.
Exploitation of this bug could lead to severe consequences, including unauthorized access to sensitive data, network infiltration, and system compromise.
Summary
OEM
SonicWall
Severity
High
CVSS
8.2
CVEs
CVE-2024-53704
Exploited in Wild
No
Patch/Remediation Available
Yes
Advisory Version
1.0
Overview
The security flaw, tracked as CVE-2024-53704, presents a serious risk, enabling remote exploitation by attackers. Administrators are highly advised to apply the necessary patches without delay to protect against potential threats.
Vulnerability Name
CVE ID
Product Affected
Severity
Affected Version
Improper Authentication
CVE-2024-53704
SonicWall
High
7.1.x (7.1.1-7058 and older), 7.1.2-7019 8.0.0-8035
A privilege escalation vulnerability
CVE-2024-53706
SonicWall
High
7.1.x (7.1.1-7058 and older), 7.1.2-7019
A weakness in the SSLVPN authentication token generator
CVE-2024-40762
SonicWall
High
7.1.x (7.1.1-7058 and older), 7.1.2-7019
A server-side request forgery (SSRF) vulnerability
CVE-2024-53705
SonicWall
Medium
6.5.4.15-117n and older 7.0.x (7.0.1-5161 and older)
Technical Summary
CVE ID
System Affected
Vulnerability Details
Impact
CVE-2024-53704
Gen7 Firewalls, Gen7 NSv, TZ80
An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication.
Bypass authentication
CVE-2024-53706
Gen7 Cloud Platform NSv
A vulnerability in the Gen7 SonicOS Cloud platform NSv (AWS and Azure editions only), allows a remote authenticated local low-privileged attacker to elevate privileges to `root` and potentially lead to code execution.
Allow attackers to gain root privileges and potentially execute code.
CVE-2024-40762
Gen7 Firewalls, Gen7 NSv, TZ80
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in the SonicOS SSLVPN authentication token generator that, in certain cases, can be predicted by an attacker potentially resulting in authentication bypass.
Weak PRNG in authentication tokens can lead to authentication bypass in SSLVPN.
CVE-2024-53705
Gen6 Hardware Firewalls, Gen7 Firewalls, Gen7 NSv
A Server-Side Request Forgery vulnerability in the SonicOS SSH management interface allows a remote attacker to establish a TCP connection to an IP address on any port when the user is logged in to the firewall.
Allow attackers to establish TCP connections to arbitrary IP addresses and ports
Remediation:
Update: Impacted users are recommended to upgrade to the following versions to address the security risk:
Firewalls Versions
Fixes and Releases
Gen 6 / 6.5 hardware firewalls
SonicOS 6.5.5.1-6n or newer
Gen 6 / 6.5 NSv firewalls
SonicOS 6.5.4.v-21s-RC2457 or newer
Gen 7 firewalls
SonicOS 7.0.1-5165 or newer; 7.1.3-7015 and higher
TZ80: SonicOS
SonicOS 8.0.0-8037 or newer
Recommendations:
Patch Without Delay: Install the latest firmware update from SonicWall to resolve this vulnerability. Detailed instructions are available in SonicWall’s official advisory.
Monitor Network Activity: Regularly monitor network traffic for signs of suspicious or unauthorized access.
Limit Access: Restrict VPN access to trusted users and enforce Multi-Factor Authentication (MFA) for all accounts.
Stay Updated: Subscribe to SonicWall’s security alerts and updates to stay informed about upcoming vulnerabilities.